2 minute read
STRATEGIES TO AVOID CYBERSECURITY BURNOUT
from The Integrator
By: Adrian Taylor, Regional VP of Sales at A10 Networks
Advertisement
A study by Accenture revealed that less than half of new employees receive cybersecurity training and regular updates throughout their career.
Organisations must look to create a robust and distributed digital immune system with a radical reengineering of staff behaviour.
Create A Continuous Security Education Program
A “security-first” culture requires that all members of the culture appreciate the concept of network security threats. For this to actually have an impact on culture, however, staff must be trained routinely to ensure that their knowledge is current.
IMPLEMENT A ZERO-TRUST MODEL THROUGHOUT THE BUSINESS
Well-trained staff and a monitored environment are crucial to the successful protection of any organisation but without a foundational Zero Trust environment, defences will be intrinsically weak.
CSOs, CIOs and CISOs have never had it so tough. Alongside their traditional responsibilities, they must now face a cybersecurity threat environment that is growing exponentially, and a growing cyberskills gap. As a result, many of them are reporting burnout. Today, ransomware has become one of the greatest network security threats organisations have to deal with. As per the findings of the 2022 IBM Security X-Force Threat Intelligence Index, the Middle East and Africa (MEA) region was ranked fourth worldwide for the most ransomware attacks. According to a report by GroupIB, between Q1 2021 and Q1 2022, the data belonging to 147 companies from the MEA region was uploaded on ransomware dedicated leak sites (DLS). And this is only one of the many threats that organisations must deal with. Here are four strategies to make cybersecurity professionals’ organisations safer from the countless network security threats they will be facing in the near future:
CREATE A “SECURITY-FIRST” CULTURE
The problem for CSOs is that, while most employees have some basic knowledge of cybersecurity best practices, which is all they have. Without ongoing training, knowledge testing and awareness, staff behaviour is one of the biggest cybersecurity risks that organisations face.
The Zero Trust model is a strategy for preventing network security threats that all enterprises and governments should be using to defend their networks. It consists of four components:
• Network traffic control: Engineering networks to have micro-segments and micro-perimeters ensures that network traffic flow is restricted and limits the impact of overly broad user privileges and access. The goal is to allow only as much network access to services as is needed to get the job done.
• Instrumentation: The ability to monitor network traffic in-depth along with comprehensive analytics and response automation provides fast and effective incident detection.
• Multi-vendor network integration: Real networks aren’t limited to a single vendor. Even if they could be, additional tools are still needed to provide the features that a single vendor won’t provide. The goal is to get all of the multi-vendor network components working together as seamlessly as possible to enable compliance and unified cybersecurity.
• Monitoring: Ensure comprehensive and centralised visibility into users, devices, data, the network, and workflows. This also includes visibility into all encrypted channels.
At its core, the Zero Trust model is based on not trusting anyone or anything on the company.
