Resilience: The Key to Future-Proofing Your Security Program 


Following the last year, one word we can all identify with is resilience. Despite different backgrounds, locations, perspectives and roles, one common thing that unites us all is the need to adapt and respond to change.    

Resilience was the key theme from this year’s RSA conference, which kicked off with an inspirational message from Cisco’s CEO Charles (Chuck) Robbins.  

When the pandemic shut down many companies across the globe, Cisco was tasked with deploying the technology that connected the world in a new way. Fully remote workforces sprung up, seemingly overnight. This not only created enormous technical and logistical efforts, but it also accelerated many security challenges.   

When we consider that many people use as many as four devices to connect to the internet, this expands the threat landscape. Couple this with the fact that cybercrime profits have exceeded billions of dollars, this places cybercrime right below the Gross Domestic Product of the United States and China.  

Resilience is also the key to effective cybersecurity. 

The vision for a post-pandemic world is one where Cisco will invest more to make the world a safer place, while carrying out that vision in less time than ever. Even before the pandemic, it was clear that the perimeter of organizations’ networks was dissolving. The pandemic accelerated that; there is no longer a perimeter. 

Chuck’s overarching message was that the pandemic recovery must be both inclusive, and secure.  

“We can get there with the right technology, the right approach, and investing in people.”

The Right Technology 

The key is a platform approach with a focus on end-to-end security. It is clear that no one can stop every threat. This is all driving the need for better security. However, security must be achieved in a way that is simple. All the information required to make actionable decisions must be correlated in a comprehensive infrastructure. Information must be based in real time, leveraging technology such as artificial intelligence and machine learning. The success of Cisco’s SecureX platform shows that this is an attainable goal. 

The Right Approach 

One of Cisco’s core responsibilities is to create trust, not only for its clients, but for its own staff. Customers and employees need to know that their data is protected and secure. When people are connected with the right technology, it is empowering – to give people all over the world the ability to connect, to learn, and work remotely is tremendous but it needs to be secure. 

The Right People  

Part of Cisco’s investment in the future is not only about technology, but also about people. There are around 2.8 million cyber professionals globally, but there are currently more than four million unfilled cybersecurity jobs. There is no other industry where the open positions exceed the number of available positions at such a grand scale. Cisco is seeking not only to enable the workforce by looking at the existing talent pool, but also tapping into unconventional places to find new talent.  

What Makes a Security Program More Successful? 

Chuck outlined some of the key areas of focus for Cisco moving forward and the cybersecurity industry, but attendees of RSA Conference 2021 also got to hear from Cisco’s Head of Advisory CISOs, Wendy Nather, and Dr. Wade Baker, of the Cyentia Institute. 

 Wendy and Wade opened the final day of the conference with by asking the question “What (Actually, Measurably) Makes a Security Program More Successful?” For their session, they drew upon the findings of the Cisco 2021 Security Outcomes Study to discuss a methodology that is measurable, and actionable.  

The study revealed some predictable results, however, the data spoke of much more interesting and surprising information. The predictable purpose of cybersecurity includes enabling business, managing risk, and operating efficiently. Arguably, does anything else matter in security? 

One of the most significant findings of the Cisco study was that a tech refresh showed a very strong correlation to a positive security outcome. What matters most overall include proactive tech refresh and well-integrated technology. Along with that, organizations that deployed 23 out of the 25 practices outlined in the report resulted in at least one improved outcome.

The most encouraging revelation of this, plus the other findings, is that what we do in security actually matters! 

Nonetheless, successful outcomes are not all technical, as many of the remaining successful outcome drivers are governance-related, including sound strategies, efficient use of automation and program performance metrics.  

Wendy reiterated that, as always, the message is still that there is no magical solution to security. Yet, certain practices showed significant statistical results, and the findings of the Security Outcomes Study are empowering, as they offer a roadmap towards building a successful security practice. The information from the report is a useful tool for achieving the goals that are most important for your business. 

Learn more about the Cisco 2021 Security Outcomes Study and how it can help future-proof your security program here.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn





Source link