What difference does accountability make to cybersecurity? From my perspective as Chief Technology Officer at BlackBerry, accountability in cybersecurity is an important factor. Especially at a time when everyone is looking for ways to save money and reduce cyber risk at the same time.
I recently spoke about this on a cybersecurity podcast.KBKAST, Cyber VoiceClick below to listen.
How accountability in cybersecurity can reduce risk
A recent survey on cyber insurance conducted by BlackBerry and Corvis Insurance found that 34% of respondents said they would not have cyber insurance coverage due to a lack of basic security technologies such as endpoint detection and response (EDR) capabilities. was rejected. It’s an accountability issue. In an era where ransomware attacks are frequent and often devastating, insurers are looking for specific cyber threats such as EDR, proactive and preventative AI-based endpoint protection platform (EPP) solutions. We are looking for an organization that will take responsibility for implementing the basics of security.
As you might expect, our research also found that a significant number of organizations have implemented basic security technologies such as EDR solutions and acquired cyber insurance. The need to obtain insurance against cyber-based losses is a major driver of EDR adoption and can drive 2x risk mitigation.
Cyber risk can be mitigated by taking basic accountability steps, such as implementing EPP and EDR. But that’s just the beginning. Once an organization is able to mitigate and insure its risk, it can acquire a cyber insurance policy to pass on the additional risk to the insurer. This is a situation that effectively allows an organization to reduce its risk twice.
This article provides more concrete examples of what organizations, especially small and medium-sized businesses (SMBs), can do to take a proactive approach to accountability and be rewarded for making a commitment to cybersecurity due diligence. I’ll pick it up.
Defining accountability in cybersecurity
Accountability remains the same even as the cybersecurity landscape becomes more complex with factors such as more sophisticated attack techniques, hybrid onsite and remote workplaces, and the proliferation of vulnerable Internet of Things (IoT) devices. In the context of cybersecurity, accountability comes down to he three: prevention, mitigation and communication.
In other words, the organization first prevent, that is, doing everything reasonably possible to lower the risk of allowing a cybersecurity incident to occur. However, in the event of an incident, an organization should do everything reasonably possible. reduce Impact on Customers, Partners and Employees. Finally, organizations have a responsibility to ensure prompt, continuous and transparent means of dialogue. I would like to emphasize this last point — communication — because it is an often overlooked key component of an effective business resilience strategy.
SMB and cybersecurity accountability
SMBs, like large corporations, are accountable to their customers and other stakeholders. However, they often don’t have the resources (budget, staff, etc.) to respond to cybersecurity incidents in the same way that large enterprises do. Still, there are steps SMBs can take to demonstrate accountability and commitment to due diligence.
Zero trust network access
SMBs that adopt a Zero Trust Network Access (ZTNA) approach can reduce the risks associated with supporting remote workers. It allows you to establish a secure network connection from any managed or unmanaged device to any app in the cloud or online. -Premises, any network. Some of his ZTNA solutions, such as BlackBerry’s CylanceGATEWAY™, have an added layer of security through interoperability with multi-factor authentication (MFA) solutions such as Google Authenticator, Microsoft Authenticator and Okta.
Managed Cybersecurity Services and Incident Response Retainers
For years, organizations of all kinds have felt the pressure of a growing skills shortage in cybersecurity. I think this is especially true for small businesses. Many small businesses do not have in-house resources such as incident response (IR) teams to continuously monitor their entire cyber environment, counter advanced cyber-attacks, and develop cyber threat intelligence (CTI).
This is where SMBs can leverage IR retainers and managed cybersecurity services to bridge the gap and achieve their goals of preventing and mitigating cybersecurity incidents. Additionally, subscribing to a managed services offering will enable your internal teams to more effectively manage, coordinate, and communicate with stakeholders about cybersecurity activities.
The most advanced products, often referred to in the industry as managed detection and response (MDR) services, add enhanced detection and response (XDR) capabilities to monitor more of your organization’s potential attack surface. To do. Managed XDR services, such as BlackBerry’s CylanceGUARD™, provide 24/7, 360-degree monitoring of your entire operational environment and regular assessments of your security posture. This enhances prevention, mitigation and communication while freeing up limited internal resources and reducing exposure to damaging cyberattacks.
This approach is also significantly more cost effective. Our analysis shows that some SMBs can save around $1.8 million by subscribing to a managed XDR service instead of building a fully functional in-house Security Operations Center (SOC) of the same size. is shown.
Figure 1 — The Cost of Building Managed XDR and the Cost of Purchasing the Same Service
Add Cyber Threat Intelligence (CTI) for better defense and protection
Traditionally, CTI services were reserved for companies with large internal security teams and budgets, but that is changing. CTI provides valuable insight into which attacks (and which attackers) are most likely to target organizations, industries, and geographies. This type of service provides organizations of all sizes with the context they need to make informed decisions at the strategic, tactical, and operational levels, ultimately strengthening their cyber resilience. Going forward, we believe that using and consuming actionable CTI data will be another key factor in assessing the accountability and maturity of an organization’s cybersecurity posture.
Embrace AI as your next cybersecurity team member
SMBs operating with lean cybersecurity teams can also hold themselves accountable by implementing an AI-based endpoint protection solution. Effective EPP solutions are generally cloud-managed and offer, among other things, automated malware protection and continuous monitoring and collection of activity data. An effective AI-based EPP will block most attacks before they even take place, while signature-based solutions will detect and alert you to attacks in progress that could not have been prevented. However, it’s important to note that not all artificial intelligence and machine learning models used in cyberattack prevention products are created equal.
Accountability in the software supply chain
Today’s software supply chains are so complex that it is difficult to answer the question, “Who is accountable?” Due to resource constraints, many of his SMBs, suppliers of embedded systems software, struggle to identify the origin (or potential vulnerabilities) of all code in their software supply chains. To some extent it is understandable. A typical application can have well over 100 software dependencies. Combine that with a lack of cybersecurity skills, and gaining complete visibility into the software stack becomes a very difficult task.
In situations like this, there are ways for SMBs to demonstrate their commitment to accountability. A software composition analysis and security testing solution should be implemented.
Such solutions enable organizations to discover and list open source and commercial software licenses residing within embedded software and systems. This type of solution generates a software bill of materials (SBOM), giving the SMB a clearer view of the software stack. It also helps discover and list vulnerabilities and exposures in your stack.
Automated cloud infrastructure health checks and compliance
As enterprises increasingly rely on the cloud for a variety of operational activities, SMBs should consider cloud security posture management (CSPM) solutions. CSPM tools enable SMBs to identify and remediate risks through security assessments and automated compliance monitoring.
This means that if a vulnerability is introduced by changing the configuration of an organization’s cloud infrastructure, the CSPM solution will recognize the potential risk and automatically revert the configuration to a “known good” state, freeing up human resources. can. Reduce resources and risk.
Final Thoughts on Accountability in Cybersecurity
An accountable and proactive approach to cybersecurity efforts can save costs, reduce cyber risk, and help protect an organization’s bottom line.
To learn more about accountability in cybersecurity, check out our discussion with Karissa Breen on the KBKAST podcast.
For similar articles and news delivered to your inbox, Subscribe to the BlackBerry Blog.