What if your job security depends on keeping your organization secure, yet your cannot achieve this until a cyberattack has occurred?
When Jonathan Tan, Managing Director (Asia), Trellix, casually noted a trend where Singapore CISOs were seeking help after their firms had suffered a cyber incident, he commissioned a survey to dig deeper.
The finding was that, only after a major incident were management boards granting CISOs the resources to invest in extra cybersecurity help.
This is what CybersecAsia.net found out about an apparent lag in Singapore organizations’ preemptive defense cyber posture…
CybersecAsia: Can you share your organization’s own metrics about the trend that CISOs may receive increased board support only after a cybersecurity attack?
Jonathan Tan (JT): We have been seeing increasing queries from businesses after a cyberattack and hence we wanted to understand more about the current cybersecurity posture that organizations are adopting.
The most significant finding from our research was that all CISOs in Singapore received more support from the board only after an attack. This support manifested in various forms, such as receiving an increased budget for additional technology, revising their overall security strategy, implementing new frameworks and standards, and even creating new jobs and responsibilities after an attack.
Essentially, we have identified that there is a clear need for a proactive, board-supported approach in Singapore (and other countries) that lays the groundwork for a robust cyber defense mechanism. We believe that it is not just about fortifying defenses; it should center on integrating cybersecurity as a strategic imperative deeply woven into the organizational fabric.
CybersecAsia: What do you surmise are the rational reasons for such a lack of board support despite widespread cyberattacks around the world? Are they mainly small firms without the budget, or large corporations whose board members are unaware of the regulatory and fiscal impacts of demonstrating poor diligence in maintaining a strong cyber posture?
JT: The simple truth is that organizations of various sectors and sizes typically adopt a reactive stance toward cybersecurity, which, in the context of today’s digital age, can no longer be employed.
The increasing sophistication and diversity of cyber threats necessitates a shift towards a more proactive defense strategy.
Recognizing this, organizations should fortify their defenses comprehensively, treating each threat with equal seriousness. Rather than focusing on predicting specific attacks, it is crucial to establish a dynamic defense system that can withstand the entire spectrum of cyber threats.
This challenge extends beyond financial limitations; there is also a notable lack of understanding among stakeholders regarding the benefits of robust cybersecurity solutions like extended detection and response (XDR). Addressing this issue requires effective communication and influence strategies to enlighten stakeholders unfamiliar with these challenges.
CybersecAsia: From your own professional experience, how does implementing XDR drastically reduce cyber risks in those organizations that have not been attacked or successfully breached yet?
JT: An XDR platform provides comprehensive threat visibility, advanced detection and response capabilities, making it a valuable tool for organizations of all sizes.
By consolidating multiple products into a cohesive, unified security incident detection and response system, XDR holds the promise of reducing cyber risks, optimizing security operations center resources, and stopping cyberattacks before they happen.
CybersecAsia: In a holistic, strong cyber posture, what other measures besides XDR are available that can supplement or complement an organization’s infrastructure defense?
JT: We wanted to understand this same scenario: what the cybersecurity challenges are that organizations face, what are the stresses they endure, and what are the tools that would make their lives easier. Naturally, we turned to CISOs as they would know best.
Our own findings showed that:
- Organizations were working with too many solutions, with some reporting a usage of 28 individual security solutions on average.
- Another top hurdle cited was having too many pieces of technology without a sole source of truth.
- With over half of Singapore organizations falling victim to multiple attacks, we sense that their current toolsets were not enough.
For CISOs looking to build a robust security infrastructure, they need a comprehensive solution that can integrate multiple tools into a single platform, streamline operations and provide a holistic view of an organization’s security posture to protect against the most sophisticated cyber threats.
Ultimately, a strong cyber posture involves continuous evolution and adaptation to the evolving threat landscape.
CybersecAsia thanks Jonathan for sharing his cyber insights with readers.