Cybersecurity: How to ensure solutions aren't part of the problem
The following is a guest post from Jack Danahy, CTO and co-founder of Barkly.
Reflecting on the security headlines so far in 2016, many high-profile breaches come to mind, from the slew of ransomware attacks on healthcare organizations to the leaked user credentials from popular social networks. It’s clear that despite an increased focus on security, breaches are more prevalent, complex and impactful than ever. In response, businesses continue to throw money at the problem but have yet to come up with the right solution.
The cybersecurity market is booming, with millions of jobs to fill and always new products to choose from. Why then is it that IT professionals still lack confidence when it comes to protecting their users and endpoints?
In Barkly’s recent survey of 350 IT pros, almost one in five IT professionals indicated they don’t believe endpoint security is even possible, an indication that current solutions are not inspiring confidence among them. Beyond this, protection is also viewed as a drag on productivity — a major issue for today's IT teams who are expected to improve the efficiency of the entire organization.
Although uninspired by current solutions, IT teams indicated that they would jump at the chance to purchase something new and different, with a quarter stating that there is no limit to what they would pay for protection that was effective and reliable. This presents a major opportunity for vendors, but first, they need to address key issues that users hate about their products. The top three complaints among respondents were system slowdowns, unjustified cost and overly frequent updates.
To resolve these issues, organizations demand a solution that stops attacks — not just identifies and tracks them, but actually stops them — and it must not create the same pain as those they see today.
Internal alignment is the key to success
The good news is that the other 83% of IT pros believe endpoint protection may in fact be possible. So how can they get there without butting heads with management or slowing things down?
First, organizations must develop their own culture of security, internally. That means aligning security goals with business goals, and understanding how the former can support the latter.
When there is internal alignment around security, IT teams and executives have more clarity around what they need in order to be successful. Clearly defined goals and metrics — whether it’s a reduction in events, lower clean-up costs, or less downtime — need to be combined with an understanding of how they support the company’s larger goals and priorities. That kind of clarity and common purpose is crucial to building a security program that doesn’t just work, but makes work easier.
Case studies are more important than features
From there, companies should stop buying security software based solely on features and instead focus on use cases. A good way to avoid investing in solutions that drain productivity or collect dust is to ask vendors for contacts at companies similar to you (in size and industry) who have used their product successfully. That way, you can get a better understanding of how results were achieved and whether you’re realistically positioned to achieve them, too.
Start at the endpoint
Finally, since most major breaches begin on user systems, a good way to prioritize early security efforts is to center them on strengthening the endpoint. When user devices are better protected, you’ll be much more successful at stopping attacks before they execute and spread. A layered approach — one that includes traditional antivirus, behavioral-based protection for new attacks, and even user education — will help bolster endpoint security and keep employees and services up and running.