Cyberattacks and breaches are happening more frequently and have a hefty price tag attached to them, yet most organizations are still unprepared to deal with them. According to the IBM 2022 Cost of Data Breach report, the share of breaches caused by ransomware grew 41% in the last year and took 49 days longer than average to identify and contain. According to the same report, a data breach in the United States costs over twice the global average, coming in at $9.44 million.
Organizations recognize that the threat landscape will continue to evolve in this way, as risk continues to grow more dynamic and enduring. 2023 poses an opportunity for organizations to invest in cybersecurity; how they choose to invest will determine the strength of their cybersecurity posture. Incident response solutions drive resilience by improving action and analysis of threats, enabling security teams to increase efficiency and success rates.
Below are six cybersecurity and incident response trends and priorities that can help organizations in 2023:
1. Investments in cybersecurity are core to investments in the entire business.
Organizations tend to limit themselves by focusing on just cyber trends, rather than cybersecurity as a whole. Yes, businesses should invest in strong security protection for computer systems and networks to help eliminate the chances of a cyberattack or breach. However, incident response is also an integral component of improving an organization’s cybersecurity posture, providing organizations with the foundation to leverage cyber data and proactively apply it to their responses. Businesses should think about putting an extra emphasis on building and reinforcing their incident management response going into the new year.
2. Preventative controls need to be balanced with resilience.
The threat landscape evolves faster than most organizations can anticipate, and most of the time there isn’t just one “cookie cutter” incident response that can effectively cover every cyber incident. Having a solution in place that allows organizations to target their response to a specific incident improves their agility and reduces remediation time.
3. Organizations need to defend against multiple attack vectors and address the complexity that comes with it.
Changes brought by digital transformation and remote work are increasing ecosystem complexity. As organizations invest in tools that monitor, detect, and provide information on their IT environment, they should invest in the processes that leverage this information. Incident response solutions orchestrate and automate responses for all threat-types. Organizations accelerate processes, streamline collaboration, and utilize system data and documents by responding through a “single pane of glass.”
4. Organizations will be evaluated against performance requirements related to risk.
Cybersecurity is being recognized as more than an IT issue as CEOs tie risk management to business value. Incident response tools serve this aim by aligning the activity, information, and people involved in each leg of the response. With the entire response memorialized in one place, management conducts reporting and process improvement with greater insight.
5. Cybersecurity is becoming the determinant factor in third-party transactions and engagements.
Existing collaboration tools are not fit for secure collaboration between internal and external stakeholders. However, there are a few incident response solutions that can provide secure access to system data and documents, enabling organizations to pursue transactions and engagements with third parties. The main benefit of using a third-party-friendly solution is the speed in which you are able to share information and address the cyber incident instead of having barriers block communication or access to documents.
6. Automation is the future of cybersecurity and incident response management.
In any threat situation, organizations face common challenges including locating incident response plans, communicating roles and tasks to response teams, and monitoring actions during and after the threat. Often information and actions are siloed between departments, which can slow down response times and hamper recovery. And in the case of ransomware, plans may be inaccessible and communication systems knocked offline prohibiting an effective response. Organizations can rely on solutions that can automate an incident response protocol to help eliminate barriers such as the ones mentioned above.
Neil Ellis is the CIO and CISO at CafeX Communications, which has developed Challo, a process optimization platform with an emerging presence in designing, automating, and accelerating organizations’ incident response. Neil’s 30-year background in security and compliance has driven the successful development of CafeX Communications’ solution for incident management. He can be reached on LinkedIn here and through the company website at http://cafex.com/.