New thinking on cybersecurity policies, processes, people and products is necessary for organizations to reverse perceptions, and perhaps realities, that they are falling behind in their preparedness, according to a new report from CompTIA.
CompTIA’s “2021 State of Cybersecurity” report, based on a recent survey of business and IT professionals in the United States, examines current cybersecurity strategies and outlines the tactics needed to elevate a cybersecurity presence to meet today’s threats.
“Complexity is the common theme across the cybersecurity landscape,” said Seth Robinson, senior director for technology analysis at CompTIA. “As a result, organizations must approach cybersecurity with a completely different mindset. Practices considered good enough in the recent past are no longer sufficient.”
Three in 10 survey respondents said they are “completely satisfied” with their organization’s approach to cybersecurity, while 27% feel the general state of cybersecurity is “improving dramatically.”
The cybersecurity issues organizations must consider are complex and numerous. Top of mind for companies are the volume and variety of attacks, cited by 49% and 43% of respondents, respectively. Privacy concerns (40%), greater reliance on data (38%) and quantifying security issues (34%) are other factors companies must account for when developing cybersecurity policies, implementing new practices and making investments.
The emerging new mindset on cybersecurity has as its foundation the concept of zero trust. Rather than assuming that network traffic or user access is harmless because of its origin or credentials, zero trust requires verification at every step. The report acknowledges that a shift to a zero-trust policy is likely to be more expensive than other approaches. Among companies in CompTIA’s survey currently pursuing a zero-trust architecture, 75% have found that more investment is required for zero trust than for their previous cybersecurity initiatives.
Processes to implement the cybersecurity policy are the next step. Security monitoring (49%), workforce assessments and education (41%) and threat intelligence (41%) are among the processes most often used today. While most companies focus their monitoring on traditional cyber threats such as viruses and malware, there is interest in improving knowledge around phishing, ransomware, firmware hacking, IP spoofing and other new types of attacks.
While supply chain attacks have grabbed recent headlines, ransomware continues to be a powerful threat, with the average cost of remediating a ransomware attack estimated at $1.85 million.
The use of workforce assessments and education is a reminder that the weakest link in cybersecurity continues to be humans. While not every employee requires the same level of cybersecurity knowledge and training, companies are keenly aware that skills must be kept current and relevant. Approximately four out of ten companies feel that they need significant improvement in skill levels.
Complexity also extends to the toolbox of cybersecurity products available to organizations. Antivirus software (54%) and firewalls (52%) remain the most commonly deployed solutions, with both becoming more robust in the protections they provide. Other products that are getting a closer look are password managers (44%), identity and access management tools (43%) and security information and event management solutions (41%).