Intelligent CISO Issue 30 | Page 64

Most businesses don’t have a ransomware problem, but a ‘technology effectiveness’ one.
BUSINESS SURVEILLANCE
For most modern organisations, ransomware itself isn’t the biggest problem, but rather the effectiveness of the technology in place to protect against it. As vendors launch new security tools over time, CISOs buy and deploy them in the belief that they are bolstering their existing solutions. However, every new tool creates its own constant stream of information and alerts. If this data flow isn’t properly managed or centralised, it can quickly become overwhelming, which in some cases leaves businesses more vulnerable than they were before.
To put this into context, a recent Cisco Benchmark report found 40% of organisations receive 5,000 alerts every day – with 16% facing more than 10,000 – from the 30+ different security tools they have deployed. Not only does this cause extreme alert fatigue among security teams, it makes genuine threats much harder to identify quickly. Even when a noteworthy threat is spotted, it can take an average of 25 minutes to triage, with deeper investigation extending to hours or days thereafter. Cybercriminals capitalise on this fact. Given that the fastest time for an attacker to go from landing a breach to expanding is 18 minutes or so, it’s critical that we look to capabilities that enable effective detection and response functions in the fight against malware in general.
Further compounding the issue is the fact that many CISOs don’t actually know where their most sensitive data resides, having never taken the time to properly classify it all. The recent hyper-adoption of cloud SaaS offerings, in response to a forced shift in working practices, only compounds this problem. If we don’t truly know where our sensitive data is – or even why it needs protecting – then it goes without saying that the security solution put in place won’t be anywhere near as effective as it could be.
Building an effective mitigation strategy
It’s long been said that to ‘know your enemy, you must become your enemy’. Advancing such a notion to the age of cyber warfare relies on two key elements. First is to take the time to review and research who or what you’re protecting your business assets from. Second is the implementation of continuous improvement and testing initiatives to ensure no stone is left unturned in the cybercriminal vs. corporation battlefield we’ve all