Experts Not Willing To Wager A Candy Bar On Their Security

Forbes Communications Council

Sal Viveros, Head of Global Corp Communications at Ivanti.

What do chocolate bars and cybersecurity have in common? Nothing. That is, until a new survey our company conducted asked executive leaders and security professionals a simple question about their organization’s ability to stave off a damaging security breach: Would you wager a chocolate bar on the protections you’ve put in place?

Now, we’re not talking about a diamond-wrapped chocolate bar. There’s no trick here. A chocolate bar is a metaphor for a highly available, inexpensive item (perhaps no more than $2) that’s accessible to most people and would be very accessible to the people surveyed. So, what’s the harm in wagering a chocolate bar, right? Surely it pales in comparison to an organization’s finely tuned security posture.

Or not. At least, as it turns out, not for a whopping 1 in 5 respondents in the survey. No, they said, we wouldn’t wager a chocolate bar on our organization’s ability to stave off a damaging security breach.

The Scale Of The Problem

If you’re cringing right now, you’re not alone. That’s an eye-opening response—especially when the number should have been 100%, not 20%. Extrapolate that to the entire global population of leaders and security professionals, and the implications are downright terrifying.

Now’s Not The Time

This result is particularly alarming given the highly complex work landscape we’re currently engaged in worldwide, with an ever-changing blend of on-premises, remote and hybrid structures. The Everywhere Workplace is excellent for the talent market and employee flexibility, but without the right tools and best practices in place, this landscape presents an expanded and attractive attack surface for relentless cyber threat actors.

To add further concern, the world is facing an economic downturn. A significant breach can spell disaster for a company even in a strong economic climate. Right now, many organizations are just one breach away from the point of no return.

What Next?

Admittedly, there is one bright spot to the chocolate bar fiasco. This level of candor is refreshing, and it’s also the first stop on the road to a solution. After all, if you can’t admit that your security posture is in trouble (chocolate bar-level trouble, at that), you aren’t likely to be open to making improvements.

Even for those who aren’t part of the 1 in 5, it’s worth considering a global, institutional reset of our approach to cybersecurity. The world isn’t the same as it was five, two or even one year ago. Threat actors are constantly evolving, and our responses should be, too.

The path forward is too complex for the scope of this article, but there are a few fundamentals that should be addressed to help you get started:

• Manage, automate and prioritize your security. You can’t manage and protect what you can’t see. It’s vital to have a system that can automatically discover all endpoints and their status in real time. With detailed insights, you can act quickly to protect all your assets and maximize performance—and business productivity.

• Adopt a zero-trust approach. Zero trust is a security framework that assumes bad actors are always on your network. Always-on monitoring and adaptive enforcement deliver continuous protection at the user, device, app, network and data levels by continuously verifying posture and compliance and providing least-privileged access.

• Embrace risk-based, intelligent solutions. Look for a solution that provides a contextualized, risk-based view of your cybersecurity posture that enables you to prioritize the vulnerabilities that pose the most risk to better protect against ransomware and other cyber threats.

And above all, if you even hesitated on the chocolate bar question, take action immediately. This year is shaping up to be a significant challenge, both from a cybersecurity perspective and an economic perspective. Invest wisely.

