Risk-Based Cybersecurity Prevents Cyber Attacks and Data Breaches
Steven Minsky | Oct. 20, 2015
There are many prominent cybersecurity companies, including FireEye and Symantec. These companies “focus on blocking or detecting intrusions as they occur or responding to attacks after the fact,” according to The New York Times. Sometimes, this approach yields fruit, but inherently, it cannot “gain the upper hand” over threats; no matter how quickly security responds to an intrusion, that intrusion is already underway.
This is why cyber intelligence agency ISight zeroes in on hackers’ objectives (rather than current victims), potential targets, and overall strategies. It identifies and eliminates the “root cause” of data breaches, which allows it to prevent harmful events instead of trying to minimize fallout.
The root-cause approach is not limited to cybersecurity. It can be applied to virtually any type of organizational risk in any industry. LogicManager’s risk management software uses a patent-pending risk Taxonomy in much the same way that ISight analysts use their research: to identify and eliminate threats before they turn into organizational loss.
John P. Watters, ISight Chief Executive, explains that his company’s primary concern is “left of boom,” which The New York Times identifies as the momentary, disconcerting quiet before a device’s detonation. Successfully identifying “left of boom” can be exceedingly difficult, in part because cyber threats are particularly insidious; they constantly and rapidly evolve in an attempt to circumvent defenses, which means security measures must adapt in kind.
One of the biggest issues when it comes to risk identification is the prioritization of those risks; the Ponemon Institute reports the average company gets a staggering 16,937 alerts per week, and only four percent of those are investigated. Businesses are “awash in a sea of critical alerts every day,” and a lack of ERM process means they have “roulette odds of picking the right one.” Nobody can do it all, so an ERM solution focuses on prioritizing and predicting the crucial four percent of alerts that need immediate investigation.
What’s even more disturbing is that when cyber attackers succeed in making fraudulent withdrawals from business accounts, many banks refuse to cover the losses, meaning victims must simply live with the results. Dr. David Krier, the sole owner of Volunteer Voyages, had more than $14,000 stolen from his business’s account, according to NPR. The bank was able to refuse compensation based on the fact that Regulation E of the Electronic Fund Transfer Act technically only applies to personal accounts.
This makes it more important than ever to prevent adverse events or business surprises, rather than attempting to cure the fallout after they occur. An Enterprise Risk Management solution can facilitate the prioritization of threats, and help you manage your cybersecurity program, so that your organization is dedicating resources where they’ll have the most impact. An ERM solution will also make it straightforward to prove that your IT governance and security program is up-to-date and utilizing best practices from NIST, ISO, COBIT, and the SANS Institute with the click of a button.