Editorial

Why organisations need a proactive approach to tackle evolving cyber threats

Scott Goodwin, CTO, DigitalXRAID, looks at how NIST’s new sixth pillar, Govern, enables organisations from a people and process perspective.

Posted 26 October 2023 by Christine Horton


IBM’s latest annual Cost of a Data Breach report found that organisations take an average of 204 days to identify a breach, before taking a further 73 days to contain the threat. Too often, today’s cybersecurity strategies are highly reactive, and dwell times like this persist because organisations are not prepared enough in advance. To mitigate surging cyber risk, organisations need to understand the importance of proactive security and its pivotal role in safeguarding against attacks.

A vital shift

The traditional approach to cybersecurity often involves reacting to threats after they’ve occurred. However, as cyber threats become more sophisticated and pervasive, this is no longer viable. Recently, the National Institute of Standards and Technology (NIST) reformed its cybersecurity framework, introducing a sixth pillar known as ‘Govern.’ This updated framework places significant emphasis on the involvement of business leaders in proactively crafting robust cyber risk mitigation strategies; effective communication between the boardroom and the security team regarding security posture across the organisation will be a crucial enabler.

Taking a proactive approach

Perhaps the most important part of security strategy is the culture that wraps around it. It’s also the hardest thing to get right. Humans are fallible creatures, prone to get distracted, make mistakes and do the wrong thing from time to time. From a security perspective, these mistakes could have a catastrophic impact – 88 percent of breaches have been traced back to human error. But the good news is that people are also creatures of habit. Identify the good ones, and these can become champions to help proactively build a stronger security-centric culture with people at its heart.

The best way to start is by getting the basics right. Employees are often the first line of defence against cyber threats. By educating and empowering employees, organisations can significantly reduce the risk of falling victim to cyberattacks. Encouraging employees to report potential threats, such as phishing emails, immediately to IT can mitigate further damage. Training and awareness programmes are a great way to instil a proactive cybersecurity culture across your organisation. They should make use of phishing simulation platforms that can automatically test employees against the latest scams and better prepare them to respond if they fall victim to an attack. These exercises should be run little and often, to reinforce good behaviours and keep security front-of-mind. It’s vital to include everyone from the boardroom to contractors: anyone with network access is a potential insider risk.

Preparation is key to proactivity

Scenario-based playbooks enable organisations to simulate cyber incidents and practise their response. This proactive approach ensures that teams are better equipped to handle real threats when they arise. To help with the task, NIST has outlined incident handling scenarios based on common attack vectors that can be used as a basis for defining specific handling procedures. Organisations should use these as a benchmark to help develop their own incident response strategy – there is no one size that fits all when it comes to incident response, so organisations must ensure that they develop a strategy suitable for their business size, and one that is tailored to the specific cyber risks they might face. A retail or financial services business, for example, will likely be targeted for the valuable personal data it holds, whereas an organisation that forms part of the critical national infrastructure should be wary of attacks aimed at causing disruption and downtime. In identifying these likely scenarios, organisations will be forced to determine their ‘crown jewel’ assets – what is most important to the business? How can processes be put in place to ensure that these assets are protected or quickly recovered in the wake of an attack? And, crucially, who is responsible for doing this?

Invest wisely

IBM revealed that the average cost of a data breach reached an all-time high in 2023 – currently at $4.45 million. Yet organisations seemed split on whether to increase security investments. In such a competitive landscape, it’s difficult to know what to spend money on, and that’s where outsourcing can help. Outsourcing cybersecurity can provide organisations with access to specialised knowledge and resources, proactive risk mitigation and informed decision-making, effectively de-risking the security landscape. Organisations will benefit from the visibility outsourced teams have into the broader threat landscape, across other customer environments. As well as prioritising emerging threats to keep the organisation safe, the intelligence collected can be used to understand where the most critical security gaps are in the organisation.

In a world where cyber threats are a constant presence, proactive security is no longer optional but essential. With the right strategy and a commitment to proactive security, businesses can better protect themselves in the face of evolving cyber threats. Embracing these principles will help organisations thrive in an increasingly digital and interconnected landscape.
