January 16, 2023
While the supply chain is loosening, and other acute side-effects of the pandemic continue to subside in most parts of the world, cybercrime will continue to escalate in terms of frequency and severity.
If you’re charged with protecting your organization from cyberattacks, you probably already know that the cybersecurity posture that was considered sufficient just a few years ago is no longer enough. In this blog, I’ll outline my recommendations for improving your cybersecurity posture in 2023.
What Is Cyber Security Posture, and Why Is it Important?
Cybersecurity posture refers to an organization’s ability to defend itself against a potential cyberattack. Your overall cybersecurity posture consists of three basic components:
- Cybersecurity tools
- Security processes and policies, including disaster recovery plans
- Threat response and end-user training
No single cybersecurity tool or solution can prevent 100% of attacks. A modern cybersecurity posture should be a robust, multifaceted approach to minimize attack vectors and their effectiveness. Unfortunately, cybercrime is expected to skyrocket in the next few years, which is understandable if you think like a cybercriminal. It’s more profitable than the drug trade, and you don’t even need to be an expert to make cybercrime pay. Ransomware is now also sold as a service, just like grocery delivery or Netflix.
How to Assess and Improve Security Posture
After Russia invaded Ukraine, the US Cybersecurity and Infrastructure Security Agency (CISA) recommended a “Shields Up” posture, and outlined four recommendations to protect organizations from cyber threats:
- Reduce the likelihood of a damaging cyber intrusion
- Take steps to quickly detect a potential intrusion
- Ensure that your organization is prepared to respond if an intrusion occurs
- Maximize your organization's resilience to a destructive cyber incident
These recommendations are just as relevant in 2023 as they were in 2022. However, the steps you’ll need to take to address CISA’s first recommendation can be a bit tricky if you don’t know where all your risks are.
How to Reduce the Likelihood of a Damaging Cyber Intrusion
Create Or Update Your Tech Inventory
Make sure that you have a detailed inventory of your technology ecosystem, and that it is up to date. If your organization is larger, automation tools may be necessary to make this task achievable.
Identify Areas of Risk and Responsibility
Once you have taken stock of your inventory, you can start to identify risks related to each tool in your environment. However, you know the saying, “If everyone’s responsible for something, no one is.” In addition to identifying areas of risk, also identify someone who’s responsible for managing each of them.
Evaluate the best strategy to address any areas of risk, and make sure that the owner of that risk has the time and the appropriate tools to address each risk.
Manage Your Third-Party Risk
Even if your business is consistently following best practices when it comes to cybersecurity, not every vendor or business partner may be. Examine where third parties may pose a risk, and take steps to address these risks. Look over any Service Level Agreements (SLAs), and pay close attention to who’s responsible for what, and what happens when and if something goes wrong. If a provider hasn’t spelled out that they’re responsible for something, that means you are.
The Easiest Way to Get Started
Most IT professionals that I know are still struggling with heavy workloads, and making a detailed inventory of your existing technology is simply never going to make the top of the priority list. If cybercriminals can just buy the skills and resources they use to carry out attacks, then you are certainly entitled to do the same to prevent them.
Fortunately, “reducing the likelihood of a damaging cyber intrusion” is something that can absolutely be bought. At Marco, we offer comprehensive Cybersecurity Assessments that are conducted by our US-based team of world-class experts. Our recommendations will be based on best practices outlined in the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) and the Center for Internet Security (CIS) Critical Security Controls.
You can focus on keeping your technology up and running and providing end-user support while we take a detailed inventory of your technology, assess your areas of risk, and recommend the best solutions to address them. When we’re done, we’ll leave you with a project-based security roadmap of what you should update ASAP, and what can wait. We can also help you cross off a few more cybersecurity to-dos, but first things first…