Building resilience against emerging security threats

By Mat Clothier
Mat Clothier, CEO at Cloudhouse, explores how to build resilience against security threats by taking a multi-layered approach

The growing focus on security reflects the fact that no business is immune from the threat of attack. And this problem is only set to grow: one study predicts that global cybercrime costs will reach US$10.5tn annually by 2025.

Successfully protecting a business and building resilience against malicious acts requires a complex and multi-layered approach: it’s not as simple as integrating one antivirus program and hoping for the best.

A configuration management tool can integrate with best-practice benchmarks to scan an entire IT estate and recommend improvements. This technology enables a business not only to reduce its current risk, but also to protect itself going forward using best practice.

Cybersecurity: a strategic focus for businesses

A 2022 study of 1,200 organisations across 16 countries produced some sobering insights. 29% of CEOs and CISOs and 40% of CSOs admitted that their organisation is unprepared to deal with the rapidly changing landscape of cybersecurity threats – with the highest proportions being in the healthcare, public and telecoms sectors.

During the first year of the pandemic (2020 to 2021) the number of material breaches rose by more than a fifth (20.5%), and the average percentage of a firm’s total revenue devoted to cybersecurity budgets jumped in response by 51%. The financial losses, potential legal consequences and reputational damage from a successful attack make it understandable that businesses are devoting more expertise and budget to this area.

Eyes on the future

When asked to look to the future, security executives expect an increase in ransomware and social engineering (such as phishing and baiting) in the coming years, as criminals adopt ever more sophisticated approaches. The executives identified specific weak spots as being software misconfigurations (49%), human error (40%), poor maintenance (40%), and unknown assets (30%).

To address this growing threat, cybersecurity must take a multi-layered approach within an organisation to ensure the best protection against ever-evolving malicious activities such as ransomware.

It’s no surprise that cybersecurity has become a central strategic focus for businesses. Much of the responsibility for this will fall to CISOs.

Misconfigurations a major weak spot

As mentioned, a recent study found that security executives believe that misconfigurations are their biggest weak spot when it comes to cybersecurity risks. And they are wise to recognise this: in reality, most breaches are not caused by hacking, they’re caused by misconfiguration.

Threats such as malware and data breaches almost always rely on misconfigured systems to succeed. Perhaps a default password hasn’t been changed, a cloud storage instance has been set to public, or a dangerous port is accidentally left open to the internet. These are all errors that can be hard to spot in a complex data centre. It’s a time-consuming task that may not be a top priority amongst competing business goals, meaning the vulnerability remains unidentified.

Configuration management tools help here by scanning the entire estate, from cloud storage to local servers, websites to network devices, and more, identifying misconfigurations. They are vendor agnostic and surface anomalies that might otherwise go unnoticed - until it is too late.

Auditing the estate in this way gives CISOs the visibility and control they need to effectively monitor their estate and be proactive in remediating misconfigurations. Armed with this insight, the company’s risk is reduced and its resilience is enhanced.

Configuration management tools not only identify issues in real time, but can also store the total configuration state of every node, making it easy to compare systems and environments, or see how a system has changed over time. They allow cluster consensus to be discovered with a single click and the differences to be visualised, making for rapid troubleshooting down to the line level of a configuration file.
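The comparison described above can be sketched in a few lines. This is an added example, not code from Cloudhouse or any particular product; the node names and `sshd_config` contents are constructed, and "consensus" is assumed to mean the value held by a strict majority of nodes.

```python
from collections import Counter
import difflib

# Constructed sample: sshd_config text stored for three nodes (hypothetical names).
SNAPSHOTS = {
    "web-01": "Port 22\nPermitRootLogin no\nPasswordAuthentication no\n",
    "web-02": "Port 22\nPermitRootLogin no\nPasswordAuthentication no\n",
    "web-03": "Port 22\nPermitRootLogin yes\nPasswordAuthentication no\n",
}

def parse(text):
    """Turn 'Key value' lines into a dict, skipping blanks and comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        settings[key] = value.strip()
    return settings

def cluster_consensus(snapshots):
    """Per key: the value a strict majority of nodes holds (None if no majority or mostly absent)."""
    parsed = {node: parse(text) for node, text in snapshots.items()}
    keys = sorted({k for cfg in parsed.values() for k in cfg})
    consensus = {}
    for key in keys:
        counts = Counter(cfg.get(key) for cfg in parsed.values())
        value, votes = counts.most_common(1)[0]
        consensus[key] = value if votes * 2 > len(parsed) else None
    return consensus

def outliers(snapshots):
    """Return {node: {key: (node_value, consensus_value)}} for nodes that deviate."""
    consensus = cluster_consensus(snapshots)
    report = {}
    for node, text in snapshots.items():
        cfg = parse(text)
        diffs = {k: (cfg.get(k), v) for k, v in consensus.items() if cfg.get(k) != v}
        if diffs:
            report[node] = diffs
    return report

def line_diff(old, new, name):
    """Line-level change between two stored snapshots of one node."""
    return list(difflib.unified_diff(old.splitlines(), new.splitlines(),
                                     f"{name}@before", f"{name}@after", lineterm=""))
```
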

Helping to achieve compliance

Most companies want to follow security best practices - and have the evidence that they do so in the event of a data breach or other cybersecurity incident - even if regulatory compliance isn’t necessary in their sector. For businesses that operate in highly regulated spaces, such as financial services, regular cybersecurity and IT process audits are mandatory: they must prove that customer data and services are secured by the best-known means.

Configuration management tools can help here by automating compliance assessment and reporting, allowing continuous auditing of systems and keeping a record of the configuration. This automation can also include testing assets against best practices, regulatory standards, or company policy, not just during an audit, but all the time. If a system falls out of compliance, this oversight allows issues to be fixed as quickly as possible – further protecting the business.

Configuration management tools help enterprises meet benchmarks

The Center for Internet Security (CIS) is recognised as a leader in generating standards and defines numerous industry-leading security benchmarks for organisations to follow. Adhering to these helps organisations to improve their cybersecurity. However, achieving this can be a time-consuming and complex task. Configuration management tools can greatly simplify this process. They can come preloaded with policies for the Center for Internet Security’s 20 critical security controls, which satisfy many aspects of regulatory requirements like PCI and SOX.

The configuration management tools execute CIS policies on a user-defined schedule, and can be tailored to specific business needs, allowing the omission, modification and supplementation of the tests included in the benchmarks as published by CIS.

They also allow the creation of bespoke policies from an existing system in just a few clicks, which you can then apply against similar systems.
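As an added illustration (not CIS content and not any vendor's implementation), the sketch below shows a baseline policy being tailored by omission, modification and supplementation, plus a bespoke policy derived from a reference system. The rule IDs, field names, port lists and inventory records are all hypothetical and constructed for the example; the three baseline rules mirror the misconfigurations named earlier in the article.

```python
# Constructed inventory records; rule IDs and field names are hypothetical.
ESTATE = {
    "db-01": {"admin_password_changed": True, "open_ports": [22, 5432], "bucket_public": False},
    "nas-02": {"admin_password_changed": False, "open_ports": [22, 23], "bucket_public": False},
    "cdn-03": {"admin_password_changed": True, "open_ports": [443], "bucket_public": True},
}

# Each rule takes (node, params) and returns True when the node is compliant.
BASELINE = {
    "no-default-password": lambda n, p: n["admin_password_changed"],
    "no-public-storage": lambda n, p: not n["bucket_public"],
    "no-dangerous-ports": lambda n, p: not set(n["open_ports"]) & set(p["dangerous_ports"]),
}
DEFAULT_PARAMS = {"dangerous_ports": [23, 3389]}  # assumed values, not from a benchmark

def tailor(baseline, omit=(), params=None, extra=None):
    """Omit rules, modify parameters, and supplement with company-specific rules."""
    rules = {rid: fn for rid, fn in baseline.items() if rid not in omit}
    rules.update(extra or {})
    return rules, {**DEFAULT_PARAMS, **(params or {})}

def policy_from(node):
    """Bespoke policy: every setting must match the reference system."""
    return {f"match-{k}": (lambda n, p, k=k, v=v: n.get(k) == v) for k, v in node.items()}

def audit(estate, rules, params):
    """Return {node: [failed rule ids]} for non-compliant nodes only."""
    findings = {}
    for name, node in estate.items():
        failed = sorted(rid for rid, check in rules.items() if not check(node, params))
        if failed:
            findings[name] = failed
    return findings
```
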

Build your resilience against security threats

The right configuration management tool can be a vital weapon in the CISO’s cybersecurity arsenal. Such tools allow companies to keep on top of everything in the estate, monitoring changes over time, identifying what is out of date and non-compliant and automatically achieving compliance by getting to best practice configuration. With this insight a business can reduce its risk and build its resilience, putting it in the best position to meet the challenges of the future head on.

