13 June 2017

Survey looks at expanding cyberattack surface, ways to expand security perimeters


by Tony Ware

Federal and defense agencies continue to approach cybersecurity spending on a project-based basis, hampering the organization’s potential to harness a holistic strategy, according to the 2017 edition of Cisco’s Annual Cybersecurity Report.

Analyzing responses from 433 private-sector respondents and 59 public-sector respondents, the tech company found 54 percent of the public-sector organizations surveyed acquired cybersecurity solutions piecemeal, addressing specific concerns but not correcting a cybersecurity posture with exploitable gaps.

Only 28 percent of public-sector organizations followed an enterprise architecture approach, indicating that cybersecurity acquisition decisions are reactive to specific threats rather than paving the way for products, practices and tools that can expand to apply automated infrastructure to the needs of the entire organization.

According to the survey, budget, current workloads, organizational culture and lack of trained personnel remain the top hurdles restricting federal agencies from implementing a platform-based approach to cybersecurity.

Mobile devices and cloud infrastructure are expanding the attack surface and endpoints to protect, and as the threat landscape expands so does the perimeter that must be secured. A majority of respondents feel senior leadership acknowledges this and makes it a high priority, but the private sector still boasts more confidence in the clarity of roles and efficiency of tools in security programs.

There is a feeling by the majority that access rights control and computer facility protection is being better managed, though information asset inventories and human resources security could be better.

According to Cisco, key drivers and safeguards of strong security are an executive team with clear, established metrics for assessing program effectiveness; a policy that enables mitigation and ensures regular review of practices; protocols for connection activity reviews to help prevent and detect breaches before full-blown incidents; and the judicious application of employee tools for review and feedback to categorize and track incident-related information.

No comments: