The New Cyber-Pragmatism
Focusing on Breach Prevention Alone Is an Obsolete Strategy
Organizations know they can't keep all cyberattackers out. Gone are the days when enterprises spent more than three-fourths of their IT security budgets on preventive initiatives, according to Anderson Research. Instead, as cyberattacks continue to skyrocket, portfolio managers are prioritizing detection and response efforts, according to a 2017 Gartner report. Overall spending on cybersecurity projects will jump from US$90 billion in 2017 to US$113 billion by 2020, the research organization says.
“The strategy of defense and prevention is still used, but we're also augmenting it with detection and response at a different layer,” says John Petrie, chief information security officer (CISO), NTT Security, San Antonio, Texas, USA. “And, as technology advances, companies are investing in more advanced detection and response capabilities to shore up and improve this layer.” He points to machine learning and artificial intelligence capabilities as two tech areas that are rapidly moving the needle on detection initiatives.
This organizational change also means a shift in IT portfolios. It's not just which projects get the green light, but also which metrics define project success and how benefits are measured. In the past, any breach was enough to deem a project a security failure. But now, a project might be judged not for how airtight it is, but for how little damage is done during a breach.
Overall spending on cybersecurity projects will jump from US$90 billion in 2017 to US$113 billion by 2020.
“The strategy of defense and prevention is still used, but we're also augmenting it with detection and response.”
—John Petrie, NTT Security, San Antonio, Texas, USA
A lock screen from a cyberattack warns that data files have been encrypted.
BLOOMBERG PHOTO VIA GETTY IMAGES
“CISOs are keen to communicate the return on investment of their security strategy in terms of the business value associated with quick damage limitation, in addition to threat prevention and blocking,” research director Lawrence Pingree noted in the Gartner report.
According to a 2017 PwC report, the next frontier will be an uptick in collaboration across organizations—a process of sharing real-time threat intelligence with business peers, industry groups and government agencies. Because when data pirates seem to be lurking around every corner, businesses may find there's better safety in numbers. —Kate Rockwood