CyberSecOp.com

View Original

Moving to the cloud: Efficiency and Reduced Organizational Risk Posture

Moving to the cloud: A Study in Security, Efficiency & Reduced Organizational Risk Posture

A recent Gartner study indicates that cyber crimes are at an all-time high, up 30% year over year. This is and should be of tremendous concern to C-suite executives and boards of directors.

The root cause of cybercrimes varies; however, most organizations will experience vulnerabilities arising from technological gaps due to neglected software patching initiatives, outdated firmware, continued use of hardware beyond manufacturer ‘end of life’ standards, limited resources, limited budgets, multiple new compliances, and of course externalities such as the recent global pandemic.

In efforts to protect against threat actors while simultaneously acknowledging their companies’ limitations, more and more C-suite information security executives are proposing complete moves to cloud-based computing environments along with the ‘shared resource’ model characteristic thereof.  This will help ensure information security integrity, reduce or eliminate the threat of bad actors wreaking havoc on the company’s information systems and will allow the organization to achieve its goals with some element of cost-efficiency. To ensure these systems are implemented in the most efficient manner possible, many concerns will turn to Managed Security Services Providers (MSSPs).

1.       Lack of resources create an unintended risk appetite

Some specific security challenges organizations face in today’s operating environment, based on experience include: A lack of resources creates an unintended risk appetite leads to organizational dysfunction and job loss. Organizations need to provide their CISO with their own budget, independent of IT, and the CISO needs to report at the same level as the CIO with a direct line to the Board of Directors and should feel comfortable addressing any vulnerabilities that may arise, notwithstanding resource requirements to address them. Recently, we were tasked with performing a security assessment and reporting our results directly to the client’s Chief Information Officer. The Chief Information Officer, in turn, requested that we provide our findings simultaneously, at a joint meeting of the Board of Directors. The Chief Information Security Officer had previously briefed the board on the organization’s information security posture and had suggested that risk levels were at a minimum and that there were no vulnerabilities or deficiencies that could pose mission-critical faults; in this, the CISO had sought to ‘paper over’ problems that had not been budgeted for and instead treated with an ‘it’s your job, you fix it’ mentality, creating a lose-lose proposition. Our findings and report directly contravened what the Board had previously been told, and this led to the firm initiating a comprehensive systems audit which resulted in the dismissal of multiple information technology executives.

2.       Cloud Security Competency, Efficiency, and Cost-Effectiveness. As the cloud computing environment becomes mainstream, organizations will realize the competitive benefit of having so many competitors offering similar services. This allows organizations to seek out the best technology and team while adhering to internal resource limits.

3.       Application and Network Monitoring

This service is critical for identifying potential risks and attacks from internal and external threats and one of the single largest information security infrastructure areas of investment for companies today. CyberSecOp has seen a volumetric increase in requests for our Security Information and Event Management (SIEM), Managed Detection and Response (MDR), Data Loss Prevention (DLP), Security Operations Center (SOC) and Cloud Access Security Brokers (CASB) services over the last year, which dovetails with broader global market trends. With ransomware and data security breaches at an all-time high, organizations are looking to managed IT security and managed compliance services providers to bridge the resource gap.

4.       Data Security Governance Framework

Organizations are utilizing the cloud to aid with compliance, reducing the upfront cost of buying all the necessary security solutions and related resources needed to get them configured and managed; indeed, the focus has switched to using cloud and shared resources provided by managed IT and managed security providers.

5.       Enterprise Security Partners

Bringing on an Enterprise Partner enables companies to focus on those factors that promote business growth as opposed to focusing on back-end solutions and internal control structures.  In turn, the Enterprise Partner (MSSP) is often able to provide its services at a substantially more cost-efficient and competency structure than if the company had attempted to replicate those services internally; examples of specific areas of favorability are hiring and staffing the function, keeping up with and implementing vulnerability management, leaner staffing levels, and overall cost efficiencies.  

6.       Authentication 

Over the past year, we have seen a 70% increase in the adoption of multifactor authentication technologies, including but not limited to ‘password-lite’ cloud-based solutions capable of biometric authentication, geolocation fence authentication, anomaly detection, end-user based risk scoring, and evaluation. Partnering with an Enterprise Security Partner can ensure such technologies are rolled out across all organization information technology platforms in a coordinated and effective manner, with a minimum risk of non-adoption and systemic conflicts.

CyberSecOp provides proven Risk Management and Digital Transformation: As one of the most called on firms for security breach response services per Google Analytics, we have assisted with over 550 incident responses spanning 2019 and 2020. CyberSecOp helps organizations assess their cloud or on-premise environments and implement a security program that provides the safeguards needed in the cloud or on-premises. We also offer incident response and forensics teams to assist with containment, remediation, recovery from ransomware attacks, and other security breaches.