Intelligent CISO Issue 44 | Page 39

done. Conducting a pen test is one thing, but acting upon the results is another. It often comes down to budget, but as we’ve already established, the value of spend before an attack greatly outweighs the value after.
Unfortunately, the nature of cybersecurity means we will never reach a point of being 100% secure – there is always a new threat vector waiting around the corner, or a new attack kit being deployed. Security teams are essentially partaking in a long-term dance with criminals – sometimes taking two steps forward, or two steps back – but always alongside each other. As an industry, we need to break this hold and move out in front of the adversaries.
The security resolution
So, as we approach 2022, it’s important to set out the security priorities based on what we’ve learned from the last year. Ransomware will get more sophisticated and supply chains will become more complex, so the next phase in security must be based on prevention. Like the Mike Tyson saying: ‘Everyone has a plan until they get punched in the mouth’. Rather than plan for what happens when the punch arrives, take the proactive decision to step out of the ring.
2021 has taught us that complexity is the enemy of security. If processes are too complicated, they become far harder to protect. Our security resolution should start with reducing this complexity where possible and taking the necessary time to do it properly. Patching, for example, is ineffective if the business prioritises a quick fix rather than finding the root cause of the vulnerability. This is particularly important for legacy technology. It’s understandable that not all businesses can afford to replace all their legacy solutions with modern alternatives, but they mustn’t be neglected.
Every member of an organisation is now responsible for cybersecurity. To pull away from the horde of cybercriminals banging against the walls of our network perimeters, we must work as units and continue to strive for the next phase in our security development. Moving into 2022, our security resolution must encompass the following: cyber hygiene fundamentals, a decrease in complexity and a preventative approach.