Data breaches are getting more frequent and more severe – how can CISOs change their posture from reactive to proactive?

Every CISO and IT security professional knows that cyber risks are exploding, with cyber crime syndicates becoming increasingly aggressive and sophisticated. To their credit, security execs are putting out fires and putting mitigation measures in place as fast as they can.

Unfortunately, most are hampered by resource constraints, increasingly complex environments, and the fact that you ‘don’t know what you don’t know’. Even with all the right patches in place, organisations are usually unaware of the number of threats lurking in their environments.

In over 90% of the incident response cases we have worked on in South Africa, we have identified additional threat actors inside the environments, and many of them have been there for years. Without visibility, organisations have no way of knowing what is inside their environment – until it’s too late. In this increasingly risky environment, cyber security has to move out of reactive mode.

The Institute of Risk Management (IRM) South Africa says in its Risks 2022 report that digital transformation is driving a need for risk management frameworks to be more adaptive. Organisations need ‘strategic foresight’ in an ever-changing global risk landscape, the report says.

In the cyber security realm, having strategic foresight and acting on it – in other words being proactive and defending forward – requires a whole new approach to security and risk management. It requires a comprehensive suite of solutions, new approaches and revised mindsets throughout the organisation.

Proactive cyber risk management is crucial for protecting the business and maintaining the trust needed between the organisation, its customers, partners and other stakeholders. Why is trust and cyber risk mitigation so important? For one thing – breaches are costly. The annual Ponemon Institute and IBM Cost of a Data Breach Report says the global average cost of data breaches reached an all-time high of $4.35 million this year.

Organisations with properly deployed security AI and automation, and regularly tested incident response plans had significantly lower breach costs. But trust and cyber risk management are also at the heart of compliance and business risk. Gartner predicts that by 2025, 60% of organisations will use cyber security risk as a primary determinant in conducting third-party transactions and business engagements.

What is proactive cyber risk management?

Business leadership needs to take cyber risk as seriously as any other risk – in fact, more so – and the CIO and CISO need to be involved in all strategy and new project development from the outset, to ensure security is built in from the ground up.

Proactively hunting down all potential threats and staying abreast of all emerging risks is a mammoth task in an environment in which expert cyber security skills are hard to find and new malware emerges at a rate of over 10 million malicious programs per day. This means security teams need advanced support in the form of automation, artificial intelligence, machine learning and big data analytics, backed by comprehensive real-time threat intelligence.

Organisations will also have to take a Zero Trust approach, moving the ‘castle walls’ from the perimeter, to every endpoint, user and piece of data, with solid identity and access management in place. Gartner expects that 60% of organisations will embrace Zero Trust as a starting point for security by 2025.

Organisations should also be proactive in identifying inefficiencies in their cyber risk management and incident response strategies that could cost them precious minutes in the event of an attack.