Security Leaders Share 5 Steps to Strengthen Cyber Resilience
With new threat actors emerging every day, cybersecurity has become a critical business imperative. Security leaders must stay competitive in a rapidly evolving business landscape while also defending against threats, reducing complexity, and facilitating digital transformation.
To better understand the top concerns among CISOs, Microsoft Security conducted a survey about cyber resilience. Keep reading to uncover our results.
Hybrid work has forced businesses of all types into the cloud. As a result, 61% of security leaders said they view the cloud as the digital feature most susceptible to attack, and two out of three believe that hybrid work has made their organizations less secure.
This concern is not unfounded, given that 40% of all attacks in 2021 and half of all cloud attacks significantly impacted businesses. Microsoft’s research revealed that breaches due to cloud misconfiguration are just as common as malware attacks and are even more associated with significant damage to the business.
Securing the cloud is different from securing an internal network and can often be challenging. We recommend leveraging cloud security specialists to avoid administrator errors like misconfiguration and inconsistent implementation of security policies.
One in five businesses experienced a ransomware attack in 2021, and roughly one-third of security leaders listed ransomware among their top concerns. And while the financial aspects of ransomware are disruptive, they’re only part of the story. Some 48% of ransomware attack victims in our study reported that attacks caused significant operational downtime, exposure of sensitive data, and reputational damage.
Ransomware attacks come down to three primary entrance vectors: remote desk protocol (RDP) brute force, vulnerable Internet-facing systems, and phishing. Organizations can limit damage by forcing attackers to work harder to gain access to multiple business-critical systems. Zero-trust principles like least-privilege access are especially effective at preventing attacks from traveling across networks and addressing human-operated ransomware.
An interesting mindset shift is happening among CISOs: A strong security posture should focus on building awareness of the threat landscape and establishing resilience, not on preventing individual attacks.
Microsoft’s survey data supports this line of thinking; 98% of respondents who reported feeling extremely vulnerable to attack were also implementing zero trust, and 78% already had a comprehensive zero-trust strategy in place. Because zero trust assumes a breach and optimizes for resilience rather than protection, respondents who indicated maturity in their zero-trust journey were also more likely to see attacks as an inevitability rather than a preventable threat. And while implementing zero trust does not necessarily result in fewer attacks, it can help reduce the average cost of a breach.
While this data may seem dire, many CISOs are also optimistic about their ability to manage future challenges down the road.
For example, nearly 60% of leaders said they see networks as a vulnerability today. Yet only 40% see the issue persisting two years from now. Likewise, 26% fewer cite email, collaboration tools, and end users as anticipated concerns in 2024 compared with 2022, and roughly 20% fewer see supply chain vulnerability as a top concern. Only operational technology (OT) and Internet of Things (IoT) are expected to be the same or more of a challenge two years from now.
Building on a strong zero-trust foundation, organizations can optimize their existing security investments, like endpoint detection and response, email security, identity and access management, cloud access security broker, and built-in threat protection tools.
Today’s CISOs are being asked to do more with less. Security leaders must make the most of their existing resources by setting the right priorities — starting with foundational cyber best practices.
Microsoft estimates that 98% of cyberattacks can be thwarted by basic security hygiene, such as multifactor authentication (MFA), least privilege access, regular software updates, anti-malware, and data protection. Yet only 22% of customers using Microsoft’s cloud identity solution, Azure Active Directory, had implemented strong identity authentication protection as of December 2021.
Strengthening your cyber resilience does not happen overnight. It is a continuous journey that all organizations are on as we move forward in this rapidly changing threat landscape. By prioritizing what needs to be attended to first based on risk, organizations can incrementally apply these five steps to confidently move toward better cyber resiliency.