Build a Cybersecurity Strategy to Address Evolving Risk

Nov. 18, 2022
Will Bass, Vice President of Cybersecurity Services for Flexential Professional Services, provides guidance on how to build an effective cybersecurity program.
The dramatic increase in remote work opportunities, mobile applications and cloud services, and an increasingly sophisticated cyber threat landscape has created a dangerous storm of cybersecurity risk. In the second quarter of 2022, global cyber-attacks increased 32% over the previous year. Adding to this concern is a study that reports bad actors can infiltrate 93% of corporate networks.

To reduce cyber risk, including ransomware, every organization needs an effective cybersecurity program that strengthens defenses, detection, and response capabilities and reduces risk. In working with customers, we’ve seen organizations that lack some of the programmatic approaches we recommend. Specifically, organizations may be missing one or more of the four foundational activities we see as the most critical to implement: risk management, ransomware defense and readiness, external penetration testing and incident response (IR) capabilities.

Risk Management

Each organization has different cybersecurity priorities based on its activities, data, communications and transactions. Every organization needs to understand its specific risks – since risks and their impact vary from organization to organization. As risk is an ongoing security topic, organizations need a programmatic approach that successfully mitigates risks and identifies the most critical risks requiring ongoing management. 

Risk assessments are compliance requirements for some organizations, but every organization should undertake risk assessment and management as an essential activity in their cybersecurity efforts. An industry standard for understanding organizational risk is the NIST 800-30 guide for conducting risk assessments, followed by mitigation efforts, including ongoing management and regular updates to a formal risk register. These efforts provide an understanding of risk likelihood and impact and, therefore, inform action and mitigation prioritizations.

Ransomware Defense and Readiness

The number of ransomware attacks and their incurred costs continue to grow at an alarming rate. While an attack occurred every 11 seconds in 2021, this metric is expected to narrow to two seconds by 2031. Damage costs are also predicted to surge from $20 million to $256 billion over the same timeframe. Given this growth and the highly automated and increasingly sophisticated nature of ransomware attacks, organizations must focus on minimizing the likelihood of an occurrence and reducing the impact with effective, timely responses to attacks. This means continuously fortifying defenses and creating and maintaining response and recovery capabilities in-house – all before a ransomware incident occurs.

Strong defenses on email, web browsers, perimeters, endpoints, anti-malware and secure configurations and hardening can stop an attack before it happens. If you can’t prevent it, then limit the impact with quick detection and strong incident response that contains the attack, preferably to a single laptop or workstation. Next, have a team that can recover from the impacts using backups and disaster recovery – and again fortify the environment and reinforce training.

External Penetration Testing

In addition to establishing defenses, those defenses should be regularly tested to uncover gaps that bad actors can exploit. Testing perimeter weaknesses to identify, evaluate and remediate strengthens defenses against external threats, including ransomware. The crucial activity to test perimeter defenses is engaging professional external expertise to attempt to penetrate the environment. There is no substitute for regular external penetration testing for discovering vulnerabilities in an environment, especially when threats are constantly changing and becoming increasingly complex.

Incident Response

Often overlooked, incident response plans and tabletop testing for IT staff is critical preparation to respond, contain and recover successfully from incidents. Ideally, the IT staff on duty can quickly and effectively respond to an incident based on having an up-to-date incident response plan and having had the opportunity to regularly test that plan before an incident occurs. IT teams who either don’t have an IR plan or have not recently tested their plan will have slower responses and are less knowledgeable about the right actions and when to take them. This results in incidents with more significant damages: costs, downtime and data loss.

The Value of External Expertise

Highly certified providers with extensive knowledge and experience in cybersecurity best practices can support enterprises by providing much-needed specialized services for assessments, increasing defenses, identifying weaknesses and vulnerabilities and preparing for effective incident responses.

Based on our experience with customer needs and challenges, including internal staffing and knowledge gaps, we’ve created services to support organizations in developing programmatic approaches to risk and cybersecurity. The Flexential Professional Services’ Cyber Defense Program employs cybersecurity and risk management best practices and standards to identify and mitigate risk and build cybersecurity defenses that reduce the impact and likelihood of cyber events. The program combines risk identification with prioritized, actionable recommendations to quickly decrease risk to the organization by closing vulnerabilities, preparing staff for cyber events, and strengthening identification and response capabilities.

With the ever-expanding threat landscape, there is no time like the present to increase your organization’s defenses. While devising and implementing an effective cybersecurity program may be challenging, time-consuming, and costly, costs from a successful ransomware attack, data loss and unplanned downtime quickly exceed the price of proactive and preventive measures. Furthermore, it is business-critical for IT departments to protect the confidentiality, integrity, and availability of their organization’s operations and data.

Will Bass, Vice President of Cybersecurity Services, Flexential Professional Services. Contact them to learn more about their flexible and tailored hybrid IT solutions comprised of colocation, cloud, connectivity, data protection, managed, and professional services.

About the Author

Voices of the Industry

Our Voice of the Industry feature showcases guest articles on thought leadership from sponsors of Data Center Frontier. For more information, see our Voices of the Industry description and guidelines.

Sponsored Recommendations

The AI Disruption: Challenges and Guidance for Data Center Design

From large training clusters to small edge inference servers, AI is becoming a larger percentage of data center workloads. Learn more.

A better approach to boost data center capacity – Supply capacity agreements

Explore a transformative approach to data center capacity planning with insights on supply capacity agreements, addressing the impact of COVID-19, the AI race, and the evolving...

How Modernizing Aging Data Center Infrastructure Improves Sustainability

Explore the path to improved sustainability in data centers by modernizing aging infrastructure, uncovering challenges, three effective approaches, and specific examples outlined...

How Modern DCIM Helps Multi-Tenant Colocation Data Centers Be More Competitive

Discover the transformative impact of modern DCIM software on multi-tenant colocation data centers, enhancing competitiveness through improved resiliency, security, environmental...

Sashkin/Shutterstock.com

Unpacking CDU Motors: It’s Not Just About Redundancy

Matt Archibald, Director of Technical Architecture at nVent, explores methods for controlling coolant distribution units (CDU), the "heart" of the liquid cooling system.

White Papers

Get the full report.

From Console to Cloud

April 7, 2022
This white paper from Iron Mountain explores the current challenges, drivers, and opportunities for gaming digital infrastructure.