Get Your Cyber Security Plan In Place Now

Uploaded on 2021-02-15 in TECHNOLOGY--Resilience, NEWS-News Analysis, FREE TO VIEW

As many more businesses are moving online as part of the process of digital transformation, so cyber crime like data theft, phishing emails and ransomware is increasing. Furthermore, the COVID-19 pandemic has pushed many  businesses with immature IT and security processes online and into the cloud, where they sometimes make mistakes that can leave them victim to criminal hacking groups. 

The cyber security industry has reached a critical point with the increasing sophistication of cyber criminals.A strong cyber threat intelligence strategy and planning program is more relevant than ever to all organisations and now is the time to plan your cyber strategy for 2021. 

In the 2020 annual SANS Cyber Threat Intelligence Survey  about 50% of respondents reported having a dedicated team of employees focused on cyber threat intelligence. Nearly 61% said they relied on a mix of in-house personnel and third-party providers to fulfill their threat intelligence needs, up from 54% a year ago, while a small slice, about 8%, said a single employee was assigned to the task.

Despite increased perceptions about the value of cyber threat intelligence, many businesses and industries with less mature security programs still struggle to define what it actually means to them, which capabilities to incorporate, and how to do the ground level planning necessary to support the telemetry and technological tools they put in place.

Part of the reason some businesses can struggle to incorporate cyber threat intelligence is because the  term itself is widely misunderstood. While there are certain fundamental issues, like monitoring one’s own internal telemetry for malicious behavior, the phrase is often used as a collective term of quite different tools, processes and analyses that can be used to track and respond to security threats.

Much of the business world is still grappling with how cyber security has become vital to the integrity of their operations. 

For a business to determine which slices they might need requires documentation, gathering intelligence requirements and engaging with various stakeholders throughout the organisation. The SANS 2020 survey found some progress along this front, with 43% of respondents reporting that they have taken steps to formally document their intelligence requirements, up from just 30% who said the same a year ago. Scoping out those requirements in human terms is important.

The reality is that while some cyber security threats and defensive capabilities are universal, the vast majority of organisations will derive value from just a small fraction of threat intelligence activities.

As cyber security becomes a strategic priority, the CISO role needs to evolve to match its influence within an organisation. 
In some PWC research it was shown that more than a quarter (27%) of UK organisations said the CISO's primary role should be as a transformational leader. This compares to 20% among global respondents. 

The transformational CISO needs the ability to lead cross-functional teams to create agile, forward-thinking security operations that can support an organisation's strategic transformation goals. In contrast, just 15% of UK respondents said the CISO should primarily be an operational leader and master tactician compared to 20% globally.

SANS:         PWC:          SC Magazine:        Cyber Leaders Unite:       Image: Unsplash

For help with your cyber planning strategy please contact Cyber Security Intelligence for advice and recommendations on defining an effective Cyber Strategy Plan.

You Might Also Read: 

Critical Cyber Security Threats & Solutions For Business:

 

« 5G Will Disrupt Cyber Security
British Parliament Wakes Up To Huawei »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MetaCompliance

MetaCompliance

MetaCompliance is a cyber security and compliance organisation that helps transform your company culture and safeguard your data and values.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

TechArch

TechArch

TechArch helps customers to optimize their investments in cybersecurity by providing them independent and vendor-neutral consultation and guidance.

X4 Technology

X4 Technology

X4 Technology is a leader in finding the very best technology talent for some of the world’s most innovative start-ups and globally recognised brands.

Cynamics

Cynamics

Cynamics is the only network monitoring solution built specifically for Smart City, Public Safety and Critical Infrastructure networks.

National Cybersecurity Competence Centre (NC3)

National Cybersecurity Competence Centre (NC3)

NC3 has been established in response to growing demands for practically applicable products and solutions for ensuring cybersecurity of critical and non-critical information infrastructures.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

PurpleSynapz

PurpleSynapz

PurpleSynapz provides hyper-realistic Cyber Security Training with a modern curriculum and Cyber Range.

DMARC360

DMARC360

DMARC360 analyzes your email traffic patterns and sources, rapidly deploys email authentication protocols and monitors your email domains with automated recommendations and incident response.

BIG Cyber

BIG Cyber

BIG Cyber is a specialized Managed Security Service Provider (MSSP) dedicated to bringing military grade cyber security technology to the gaming industry.

ITSEC Asia

ITSEC Asia

ITSEC Asia works to effectively reduce exposure to information security threats and improve the effectiveness of its clients' information security management systems.

Sentra

Sentra

Sentra is focused on improving data security practices within the cloud, mitigating the risks of damaging data leaks by providing comprehensive visibility into critical data assets.

Nexer

Nexer

Nexer is a modern tech company with expertise in strategy, technology and communication with a strong vision.