Sep 20 2024
Security

Perfect Cybersecurity Is Impossible. Here’s a Better Goal for Businesses

Cyber resilience, which includes security as well as backup and recovery, is an objective that organizations can actually meet.

Most cybersecurity professionals have a grudging respect for their adversaries. Professional cybercriminals are unprincipled, sure, but one must admit they are also innovative and hardworking. It’s impossible for security pros to know everything, because the bad guys keep changing the rules.

It wasn’t long ago that gold-standard security was about defending the perimeter. Today, there is no perimeter; what matters now is whether you control who’s accessing the network.

Most businesses now grasp that distinction and are working hard to implement zero-trust principles. In financial services, for example, about 53 percent of IT decision-makers rate their organizations’ zero-trust maturity level as “advanced” or “optimal,” according to the 2024 CDW Cybersecurity Research Report. In retail, that number is 60 percent.

Click the banner below to learn how to get the most out of your zero-trust initiative.

 

Why Resilience Is the Right Goal

That’s good, because even as businesses work to advance their zero-trust strategies, it’s time for fresh thinking about what it means to be truly secure.

As Veeam CEO Anand Eswaran tells us in an exclusive interview, organizations’ real goal should be resilience, which includes not just a good security posture but also the right backup and recovery strategy (see "What Are the Five Pillars of Data Resilience"). And sure enough, organizations such as the credit union BCU are working to increase their resilience with managed detection and response, in addition to the usual security tools (see "How to Increase Your Security Monitoring Without New Hires").

UP NEXT: Four ways businesses can be cyber resilient this year. 

Our research found that about two-thirds of organizations have suffered a breach within the past five years; for the rest, it’s just a matter of time. What I like about the notion of cyber resilience is that it sets a goal you can meet: Instead of defining success as fending off every attack without fail, it’s about whether you can hold down attackers’ success rate, then recover quickly when they do score.

And that’s an objective that every organization can get behind.

Alones Creative/Getty Images
Close

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.