A new report indicates that cybersecurity resilience is a top focus for companies as they look to defend themselves in the modern threat landscape.
Based on survey responses from over 4,700 IT pros across 26 countries, 96% said security resilience is a high priority, according to Cisco’s annual ”Security Outcomes Report, Volume 3: Achieving Security Resilience,” which the company released last month.
The reason is not hard to fathom. In the past two years, most experienced a security event that impacted business. Network or data breaches (51.5%), network or system outages (51.1%), ransomware events (46.7%), and distributed denial of service attacks (DDoS) (46%) were the leading types of incidents.
Such incidents led to a host of problems across the enterprise. These included IT and communications interruption (62.6%), supply chain disruption (43%), impaired internal operations (41.4%), and lasting brand damage (39.7%).
Achieving Security Resilience
The report delves into the factors that could provide the biggest gains in enterprise security resilience, whether based on culture, IT environment, or security technology.
Cisco took these factors and devised a security resilience scoring system based on seven areas. Those most closely adhering to these core principles are in the top 10% of resilient businesses. Those missing most of these elements are in the bottom 10%.
Culture is especially vital. Those with poor security support from the C-suite score 39% lower than those with strong executive support. Similarly, those with a thriving security culture score 46% higher than those lacking it.
But it isn’t all about culture. Staffing, too, played a definite role, whether based on experienced staff, certification and training, or the sheer number of internal resources. The report shows those companies maintaining extra internal staffing and resources to respond to incidents gain a 15% boost in resilient outcomes.
In other words, headcount can mean the difference between faring well and poorly during an event. Those organizations trying to get by with as few IT or security personnel as possible are cautioned to consider a change of approach.
In addition, the report compares levels of resilience between on-premises, public cloud, and hybrid environments. Those adopting a mostly on-premises or mostly cloud approach score well on resiliency with neither one dominating.
It appears that a commitment to be wholly public cloud or wholly on-premises impacts cyber resilience positively.
It is those in the midst of the transition or who aren’t quite sure whether to invest in more cloud or bring things back in-house who need to be most wary. The report highlights the need for caution in the switch to the cloud, particularly for those in the initial stages of the move or those establishing a hybrid cloud environment. Their scores drop between 8.5% and 14% in terms of resiliency, depending on how difficult the hybrid environments are to manage.
Businesses need to take care to reduce complexity when transitioning from on-premises to the cloud, according to Helen Patton, CISO, Cisco Security Business Group.
See more: 10 Top Hybrid Cloud Trends
Zero Trust, XDR, and SASE Improve Resilience
The Cisco report emphasizes the importance of recent developments on the security front, such as zero-trust network architecture (ZTNA), extended detection and response (XDR), and secure access services edge (SASE).
While culture, head count, and architecture all influence cyber resiliency, so too does the adoption of the right security solutions. Zero trust, for example, increases scores by 30%: Those adopting the zero-trust model, principles, and associated technologies achieved a higher level of resilience.
Additional technologies that make a difference are XDR, which correlated to a 45% increase in resilience for organizations adopting it compared to those lacking detection and response solutions. Similarly, those simplifying their infrastructure through the convergence of networking and security courtesy of SASE see a jump in security resilience of 27%.
See more: How to Build a Zero-Trust Network Model
“Value is protected”
Companies need the ability to “anticipate, identify, and withstand cyberthreats, and if breached, be able to rapidly recover from one,” said Patton with Cisco.
“That is what building resilience is all about,” Patton said. “Security, after all, is a risk business. As companies don’t secure everything, everywhere, security resilience allows them to focus their security resources on the pieces of the business that add the most value to an organization and ensure that value is protected.”
The “Security Outcomes Report” is “a study into what works and what doesn’t in cybersecurity,” said Jeetu Patel, EVP and GM of security and collaboration, Cisco.
“The ultimate goal is to cut through the noise in the market by identifying practices that lead to more secure outcomes for defenders.”
Convergence in the Network Security Market
Cisco is a leader in the convergence of security and networking. And with good reason. The worldwide network security market has maintained double-digit revenue growth for eight consecutive quarters, according to Dell’Oro Group.
Mauricio Sanchez, an analyst at Dell’Oro Group, explained that enterprises are beginning to think differently about networking and security. Instead of considering them as separate toolsets to be deployed once and infrequently changed, convergence is taking root.
“The vendor community has responded with a service-centric, cloud-based technology solution that provides network connectivity and enforces security between users, devices, and applications,” Sanchez said.
“SASE utilizes centrally controlled, internet-based networks with built-in advanced networking and security-processing capabilities. By addressing the shortcomings of past network and security architectures and improving recent solutions — in particular, SD-WAN and cloud-based network security — SASE aims to bring networking and security into a unified service offering.”
See more: 5 Top Network Security Trends