Get Your Cyber Security Plan In Place Now

Uploaded on 2021-02-15 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

As many more businesses are moving online as part of the process of digital transformation, so cyber crime like data theft, phishing emails and ransomware is increasing. Furthermore, the COVID-19 pandemic has pushed many  businesses with immature IT and security processes online and into the cloud, where they sometimes make mistakes that can leave them victim to criminal hacking groups. 

The cyber security industry has reached a critical point with the increasing sophistication of cyber criminals.A strong cyber threat intelligence strategy and planning program is more relevant than ever to all organisations and now is the time to plan your cyber strategy for 2021. 

In the 2020 annual SANS Cyber Threat Intelligence Survey  about 50% of respondents reported having a dedicated team of employees focused on cyber threat intelligence. Nearly 61% said they relied on a mix of in-house personnel and third-party providers to fulfill their threat intelligence needs, up from 54% a year ago, while a small slice, about 8%, said a single employee was assigned to the task.

Despite increased perceptions about the value of cyber threat intelligence, many businesses and industries with less mature security programs still struggle to define what it actually means to them, which capabilities to incorporate, and how to do the ground level planning necessary to support the telemetry and technological tools they put in place.

Part of the reason some businesses can struggle to incorporate cyber threat intelligence is because the  term itself is widely misunderstood. While there are certain fundamental issues, like monitoring one’s own internal telemetry for malicious behavior, the phrase is often used as a collective term of quite different tools, processes and analyses that can be used to track and respond to security threats.

Much of the business world is still grappling with how cyber security has become vital to the integrity of their operations. 

For a business to determine which slices they might need requires documentation, gathering intelligence requirements and engaging with various stakeholders throughout the organisation. The SANS 2020 survey found some progress along this front, with 43% of respondents reporting that they have taken steps to formally document their intelligence requirements, up from just 30% who said the same a year ago. Scoping out those requirements in human terms is important.

The reality is that while some cyber security threats and defensive capabilities are universal, the vast majority of organisations will derive value from just a small fraction of threat intelligence activities.

As cyber security becomes a strategic priority, the CISO role needs to evolve to match its influence within an organisation. 
In some PWC research it was shown that more than a quarter (27%) of UK organisations said the CISO's primary role should be as a transformational leader. This compares to 20% among global respondents. 

The transformational CISO needs the ability to lead cross-functional teams to create agile, forward-thinking security operations that can support an organisation's strategic transformation goals. In contrast, just 15% of UK respondents said the CISO should primarily be an operational leader and master tactician compared to 20% globally.

SANS:         PWC:          SC Magazine:        Cyber Leaders Unite:       Image: Unsplash

For help with your cyber planning strategy please contact Cyber Security Intelligence for advice and recommendations on defining an effective Cyber Strategy Plan.

You Might Also Read: 

Critical Cyber Security Threats & Solutions For Business:

 

« 5G Will Disrupt Cyber Security
British Parliament Wakes Up To Huawei »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Momentum

Momentum

The Cyber Security team at Momentum offers a professional and specialist recruitment service across Cyber & IT Security.

CERT-UA

CERT-UA

CERT-UA is the national Computer Emergency Response Team for Ukraine.

WizNucleus

WizNucleus

WizNucleus develops, markets and supports a software platform (Cyberwiz-Pro) that enables Critical Infrastructure enterprises to ensure the future state of their cybersecurity and remain compliant.

Novastor

Novastor

NovaStor® is an award-winning, international data backup and recovery software company with solutions supporting physical, virtual and cloud environments.

Randstad

Randstad

Randstad provide outsourcing, staffing, consulting and workforce solutions in the USA across a wide range of job sectors including IT and cybersecurity.

SECURITI.ai

SECURITI.ai

SECURITI.ai's PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

DAtAnchor

DAtAnchor

Anchor is simply a better way to protect and control sensitive data. Zero-trust, data-centric security. Simplified.

PSafe

PSafe

PSafe is a leading provider of mobile privacy, security, and performance apps. We deliver innovative products that protect your freedom to safely connect, share, play, express and explore online.

Vizius Group

Vizius Group

The Vizius Group are a think tank of cybersecurity consultants who understand the mechanics and business value of risk reduction.

CentriVault

CentriVault

CentriVault is a leading independent provider of Cyber Security and Data protection services to small and medium enterprises (SMEs).

Orchestrate Technologies

Orchestrate Technologies

Orchestrate Technologies provides computer network and IT managed services for small and mid-market clients as well as small enterprise businesses.

Night Lion Security

Night Lion Security

Night Lion Security provides discreet and bespoke investigation and incident response recovery services.