7 best practices for closing the IT security gap
The list of security best practices can be long, and those practices may be difficult to implement. We always have to prioritize, so which are the most important ones? The Ponemon Institute 2020 Global Study on Closing the IT Security Gap uncovered the seven best practices of high-performing organizations.
"By correlating leading-edge techniques such as AI, automation, zero trust, and the use of cyber insurance with the level of confidence in their ability to protect the organization, a clear pattern emerged," says Larry Lunetta, vice president of WLAN and security solutions marketing at Aruba, a Hewlett Packard Enterprise company. "Compared to the sample group, high-performing teams used innovative techniques much more frequently and aggressively. They clearly understand their value in terms of dealing with major IT initiatives such as digital transformation, work from home, and IoT."
The survey asked respondents to rate their organization on a scale of 1 to 10 for its "ability to keep up with a constantly changing threat landscape and close its organization's IT security gap." If the respondent chose a score of 9 or 10, the organization was considered to be high performing. The IT security gap was defined as "the inability of an organization's people, processes, and technologies to keep up with a constantly changing threat landscape."
According to the Ponemon study, high-performing organizations most likely follow these seven best practices:
View related infographic: What's threatening IT security and what are people doing about it?
Have confidence in the ability to close the IT security gap with automation
Effective and high-performing organizations believe in the value of AI technologies to detect attacks on the inside. They are more confident that attacks inside the IT infrastructure can be detected quickly before they break out and cause a cybersecurity breach resulting in data being stolen, modified, or viewed by unauthorized entities.
"While AI and automation are not new concepts, the data shows that there is still a reluctance to leverage them," Lunetta says.
"We need people to be trained in AI because it cuts down on human error," says John McDermott, worldwide portfolio manager for cybersecurity education, training, and certification at HPE. "Artificial intelligence is about getting things to be faster, quicker, and more secure."
Implement a zero trust model
Almost half of respondents (48 percent) have already implemented a zero trust model while 33 percent will implement one in the future. More than one-third of the respondents say their organizations have chosen not to implement zero trust.
"Almost 50 percent of all respondents are counting on their current infrastructure suppliers to help them implement the security needed for the accelerating shift to aggregating and processing data at the intelligent edge," Lunetta says. "They clearly recognize that zero trust must be built into network, compute, and storage resources, not bolted on."
McDermott adds, "If we adopt a principle of zero trust, we're building security at the very heart of what we're trying to achieve."
Have implemented machine learning extensively or partially
Some 56 percent of high performers have implemented machine learning extensively, either throughout the organization (37 percent) or partially (19 percent).
"High performers are much more likely to have implemented machine learning in dealing with threats," Lunetta says. "As a result, they also realize the benefits of automation to eliminate false positives, increase the efficiencies of investigations, and most importantly, see attacks before they do damage."
Have cyber insurance as part of an overall cybersecurity strategy
Ninety-six percent of high-performing organizations have or will have a cyber insurance policy, while 71 percent of the other organizations will purchase cyber insurance.
"We weren't surprised to see that practically every high-performing security team said they utilized cyber insurance," Lunetta says. "These teams worked more closely with their corporate risk management counterparts to ensure that their product selections match corporate priorities."
Work with their risk management organizations to determine coverage
Seventy-five percent of high-performer respondents vs. 52 percent of respondents in the other organizations work with their risk management organizations to determine the right amount of coverage.
See security technologies as important to a digital transformation strategy
Seventy-one percent of respondents from high-performing organizations compared with 54 percent of those from the other organizations believe security technologies are important or highly important to a successful digital transformation strategy.
"Digital transformation is something that every organization is going to have to go through at some point or another in the future," McDermott says. "It's going to widen the security gap because everything's digital with the Internet of Things. And the bad guys will use anything to get your data."
View the connection between privacy and security as important
Seventy-nine percent of respondents in high-performing organizations vs. 61 percent of respondents in the other organizations are likely to believe achieving a strong cybersecurity posture means reducing the privacy risk to their employees, business partners, and customers. Sixty-five percent of respondents compared with 47 percent of respondents in the other organizations believe human error is a significant risk to the privacy of their employees, business partners, and customers.
According to the Ponemon study, "The IT security gap prevents organizations from quickly detecting attacks on the inside. Only 29 percent of respondents say they are highly effective in closing the IT security gap. The primary reason for this gap is a lack of visibility into every user and device connected to the IT infrastructure."
"Great security teams are partners with the business on key initiatives," Lunetta says. "They see security playing a critical part in establishing and assuring privacy and an important factor in successful business priorities such as digital transformation and IoT."
Closing the IT security gap: Lessons for leaders
- Digital transformation initiatives, remote working, and the IoT are reshaping how companies should think about their security.
- AI, automation, machine learning, and zero trust should be an integral part of any company's cybersecurity strategy.
- Moving forward, cyber insurance is a must-have to properly prepare for cybersecurity risks and costs.
If we adopt a principle of zero trust, we're building security at the very heart of what we're trying to achieve.
This article/content was written by the individual writer identified and does not necessarily reflect the view of Hewlett Packard Enterprise Company.