Today’s cyberthreat landscape is dramatically different from days past. Gone were the days when organisations can fortify themselves using security approaches that protect the organisation from the outside-in. As devices, data and mobility converge, and the attack surface broadens, securing the modern enterprise in an environment where skilled cybersecurity professionals are in short supply and resources are limited is posing huge challenges to many business and information security leaders.
A Microsoft and Frost & Sullivan study conducted in 2018 estimated the total economic loss as a result of cybersecurity breaches at S$24.2 billion for Singapore, equating to around 6 percent of the nation’s gross domestic product (GDP). When comparing the impact of cybersecurity breaches across organisations of different sizes, large organisations with more than 500 staff incur an average of S$18.9 million in economic loss, close to 80 times the average economic loss incurred by a mid-sized organisation with 250 to 499 staff.
With massive economic losses at stake from cybersecurity breaches, there is no doubt that security needs to be the number one priority. According to Forrester, 2019 will be a year of unprecedented cyberthreats. Hence today’s leaders must balance these security challenges with business needs to collaborate, innovate, and grow through digital transformation, and this requires a new approach to how organisations protect, detect and respond to cyberthreats.
Rapidly-evolving threat vectors and skill shortage among key challenges faced by security leaders
In my conversations with business and security leaders, balancing security challenges with business needs for innovation and growth is no easy task. In fact, it is a huge challenge for many of them today, especially with the numerous issues that they grapple with on a day-to-day basis. These include:
- Rapidly evolving threat vectors: As the number and variety of threat vectors increase, organisations and its leaders find it extremely challenging to keep up with the constantly changing cyberthreat landscape. Forrester predicted that state-sponsored attacks will reawaken this year, while the Microsoft SIR Volume 24 observed a rise in cryptocurrency mining against a backdrop of malware, ransomware and drive-by downloads encounters in Asia Pacific.
- Shortage of cybersecurity skills and talents: Today, there is an industry-wide shortage of cybersecurity professionals. Over 3 million cybersecurity job openings are projected to open up globally in the next two years. In Singapore, up to 3,400 cybersecurity professionals are required by 2020, highlighting the constant gap between the number of cybersecurity professionals needed and the actual number present to meet the security demands of organisations across the board.
- Complexity and number of security products to manage: The challenge for organisations today is the ever-increasing investment in cybersecurity solutions. Gartner estimated that worldwide spending on information security products and services will reach US$124 billion in 2019. However, the Microsoft and Frost & Sullivan study revealed that having a large number of security solutions doesn’t always equate to quicker recovery from cyberattacks. In fact, 38 percent of Singapore organisations with fewer than 10 cybersecurity solutions recover from cyberattacks within an hour, while only 29 percent of those with more than 50 solutions do so within the same time.
- Too many alerts and data to manage: Security leaders today are constantly bombarded by alerts and data. However, with the industry-wide skill shortage and limited resources they have, the decision-making process for detecting, investigating and responding to the right threat vectors isn’t always straightforward. At the same time, business leaders and board members are more interested than ever before in the organisation’s cybersecurity posture, putting additional pressure on security leaders to find the right solutions to shore up digital defence to secure modern enterprises.
- Continuously changing compliance and regulatory environment: The changing landscape for compliance and regulatory requirements is posing massive challenges for organisations to manage compliance alongside the security product lifecycle. With the General Data Protection Regulation (GDPR) being enforced last year, and new regulations expected to come into play in Asia, security leaders not only need to keep tabs on continuous compliance to industry regulations, but also on how the organisation is progressing against security best practices.
5 recommendations to enhance digital defence for modern enterprises
As a company that spends a billion dollars each year on cybersecurity, Microsoft analyses 6.5 trillion signals each day to uncover insights into cyberthreat trends across the globe. Drawing from these insights, we recommend five practical keys to help modern enterprises enhance their digital defence.
- Firstly, organisations must position security as a digital transformation enabler for the business. Not only does the disconnect between cybersecurity practices and digital transformation efforts create frustration for employees, cybersecurity is now necessary to keep the company safe throughout its digital transformation journey.
- Secondly, organisations need to evolve their cybersecurity strategy to an assumed breach approach. Leaders should adopt measures such as developing an organisational security playbook and implementing crisis management practices to help organisations be better prepared for future attacks.
- Thirdly, organisations can leverage artificial intelligence (AI), machine learning (ML) and integrated best-of-suite security tools. With cybersecurity talent in short supply, AI and ML can analyse data at scale, augmenting human investigators in detecting, investigating and responding to threats over a wider risk area.
- Fourthly, organisations should invest in training and education for employees and cybersecurity talents to ensure that their cybersecurity knowledge and skills are up-to-date and applicable against the constantly evolving cyberthreat landscape.
- Finally, with the rapidly changing landscape for compliance and regulatory requirements, companies should set up a shared responsibility model with security vendors to clearly define the control boundaries, and ensure that there are no overlaps or gaps in compliance processes.