To cut through the “fog of more” that plagues modern IT organizations, businesses seeking safety from threat actors must align themselves with well-tested security frameworks and focus on the most effective tactics.
So argued Aundre Dudley, a cybersecurity team lead at CDW, speaking at Cisco Live 2023, the large conference of Cisco customers, partners, analysts, journalists and others taking place in Las Vegas through June 8.
The fog of more is a phrase Dudley, a U.S. Marine Corps veteran, used to describe the ever-growing barrage of threats, solutions and technologies that IT security leaders deal with every day. In the last year alone, artificial intelligence has advanced markedly, hybrid cloud options have grown more popular and complex, cybercriminals have continued to evolve their roster of tactics, and cybersecurity companies have delivered tools promising “next-threat protection,” “full stack observability” and more.
It all adds up to a confusing situation for IT leaders, Dudley said: “It’s really a challenge for organizations to figure out what matters most to them.”
Click the banner below to follow our coverage after the Cisco Live 2023 event as an Insider.
How the Pareto Principle Applies in Cybersecurity
Dudley advised organizations to cut through the noise by applying the Pareto Principle, better known as the 80/20 rule, which posits that for many outcomes, 80 percent of consequences flow from 20 percent of causes. “You might wear only 20 percent of the clothes in your closet 80 percent of the time, or 80 percent of the traffic might occur on only 20 percent of roads,” he said.
The same is true in cybersecurity: Organizations can thwart 80 percent or more of the most common attacks by focusing on the 20 percent or so of the most highly effective defense tactics.
LEARN MORE: In uncertain economic times, build a robust security program.
That’s why it’s best to emulate security frameworks that have proved effective, he said. When asked to describe the state of their security postures, too many organizations simply rattle off the tools they’ve deployed to address one threat or another. “They’ll say, ‘Well, we use a next-generation firewall to stop ransomware,’ for example,’” Dudley said.
The tools are important, but merely deploying technology isn’t really a security strategy. It’s better to align your goals against those recommended by respected research organizations that have published and tested security frameworks, then deploy solutions that help you achieve measurable outcomes.
Popular Cyber Frameworks Include NIST, CIS
A popular security framework is the one published the National Institute of Standards and Technology, which posits a five-pillar approach to security that begins with data protection and ends with breach recovery. For his part, though, Dudley is partial to the 18 Critical Security Controls published by the Center for Internet Security.
The tools cover everything from asset and partner management to penetration testing and offer guidance on how organizations can measure their degree of maturity on each. Dudley noted that each of Cisco’s many security solutions is mapped to one or more of the controls.
“If you align yourself 100 percent with the CIS controls, you’ll be in a position to stop 90 percent of the most common attacks,” he said. For example, organizations that deploy all of CIS’s recommended anti-ransomware safeguards will foil 92 percent of the most common ransomware attacks, according to CIS estimates.
Dudley also advised organizations to practice security. It’s not enough to deploy tools; businesses must run simulations, tests and tabletop exercises to ensure their tools and strategies will stand up to a breach attempt.
Whether you’re attending Cisco Live or not, follow us on Twitter at @BizTechMagazine and the official conference Twitter account, @CiscoLive, and join the conversation using hashtag #CiscoLive.
