Webinar playback: Making your cyber resilience budget work smarter – three key questions
Around the world, businesses in all sectors are in the midst of huge change. With changing ways of working and reduced investment, business leaders are now having to approach cyber security in new ways.
But with security budgets under increasing pressure, how can CISOs and senior leaders prioritise spending and continue to build resilience within their organisation?
NCC Group’s Ade Clewlow, Paul Vlissidis and Lawrence Munro tackle three of the most pressing questions facing CISOs today.
1. How can CISOs and IT Security professionals prioritise investment in a challenging economic environment without putting their networks at risk?
Paul Vlissidis (PV): “When budgets are tight, CISOs have to get used to doing the same, or more, with less. Unfortunately, it’s a less than ideal time to be cutting security spending. Research from Portsmouth University has revealed that fraud rises during recessions, often linked to an increase in ransomware and other potentially lucrative attack methods.
“So, what can businesses do? Over the last few months, organisations have had to accelerate their digital transformation journey – and now is a perfect time to revisit and re-evaluate the decisions that have been made.
“As always, basic security hygiene – credential management, multi-factor authentication, and patching – has to be a priority, closely followed by the ability to detect and respond to attacks.”
Lawrence Munro (LM): “Right now, the opportunity is to focus on the fundamentals of security. When it comes to red team exercises or technical assessments, we often find that organisations fail at the basics, so re-examine your attack surface with this in mind.
“There’s also an opportunity to demand more value from your suppliers and vendors – lean on the partners and advisors that you trust for support as you re-evaluate your approach to security.”
2. What approach should CISOs and senior leaders prioritise when considering their next steps to secure assets?
PV: “Processes have changed, with many employees now working remotely, and security policies may have been relaxed over the last few months to allow this to happen as quickly as possible. However, these decisions need to be kept front of mind so that you have a strategy in place to allow you to deal with this moving forward.
LM: “It’s time to take stock and look back at any hastily made decisions or policy changes that have
been made in the last few months. As people start to adopt a hybrid model of going into the office and working from home, it raises the risk of shadow IT, which has been more of an issue during COVID-19 as people battle with systems that were not designed for this new way of working.
“Assessing your current processes and systems can be useful in mapping out any weaknesses. This can provide you with a snapshot of what your security looks like now, as it may well be different compared to what it was before.”
3. How can CISOs and IT security professionals articulate risk in measurable business terms? How can they make themselves heard?
PV: “Firstly, you need a solid evidence base. You might have data from networks and systems that you can point to, and red teaming is also a great way to map out potential routes into your organisation’s systems.
“Secondly, when it comes to convincing the board, your biggest allies are non-exec directors, so it’s worth making sure that they’re informed about pressing threats. The UK’s National Cyber Security Centre (NCSC) has a great toolkit to encourage discussions about cyber security between board members.”
LM: “If you don’t have evidence to back up your business case, look to partners who can help you provide this. You can also use open source projects such as MISP to help you gather threat intelligence in one place.
“If you can talk about the threat landscape in terms of how it specifically applies to your industry, this will also resonate within your board and help you to get the investment you need.”
You can listen to the webinar in full by clicking on the image below: