It’s that point of year again, all you CISOs and other security leaders: time to reflect on the year past and to vow yourself you’ll make next year most better, both personally and professionally. Considering how most of 2020 played out, nobody could blame you for thinking it can only recover.
For security practitioners, 2020 was a year of extraordinary disruption. For many, the coronavirus pandemic meant scrapping their carefully crafted strategic plans and focusing their security efforts and resources on adapting to the new normal. Business models—and the IT needed to support the business—changed overnight. Resiliency and work-from-home-related cybersecurity concerns became priorities, and conferences offering important networking and learning opportunities shifted from crowded convention halls to solitary web browsers.
At now, making New Year resolutions for 2021 might desire a fool’s errand; this year taught us that if anything unexpected can happen, it probably will. But there’s no harm in setting some goals which will cause you to r organization more secure; make your team feel more connected and engaged; and make you a better, more balanced security leader.
While many organizations are detecting compromises faster than before, nearly 28% of breaches took weeks and sometimes months to detect, consistent with the 2020 Verizon Data Breach Investigations Report. That’s an extended time for a motivated threat actor to get on the loose with access to sensitive data. For 2021, resolve to gauge next-generation security tools that augment traditional intrusion detection and prevention systems, like machine-learning-driven solutions like Verizon’s Network Detection and Response service, which supports near real-time and retrospective packet-level inspection.
Unmanaged threat intel is often a fireplace hose of irrelevant information, so pledge to tame the beast in 2021. It’s not about “more intel”; it’s about integrating the foremost meaningful intelligence into your security operations. Also, while it’s often viewed as a luxury when there’s such a lot else to specialise in, having a line of sight into the internet’s underbelly—the dark web—will greatly enhance your understanding of your specific threat landscape.