How to Improve Cybersecurity Agility Without Cutting Corners

How to Improve Cybersecurity Agility Without Cutting Corners

You developed a cybersecurity framework to identify threats, educate users, and protect your most important assets. On paper, your organization looks well protected. In reality, you know the truth. Several parts of your cybersecurity framework aren’t implemented fully. If this situation sounds familiar, read on.

Cybersecurity Framework: Plans vs. Reality

Your cybersecurity framework was probably developed a few years ago. It might have been the pet project of a newly hired IT executive. Alternatively, it might’ve been a recommendation from an auditor who reviewed your organization. In any case, you completed the tough work of building out a cybersecurity framework. You studied cybersecurity standards such as the NIST cybersecurity framework to guide your work. As a guideline, your cybersecurity framework is excellent.

In reality, there are serious shortcomings. For example, your cybersecurity framework probably covers the following areas defined in the NIST framework:

●    Identify: Determine your capacity to identify risks, problems, and assets for cybersecurity. Without this capability in place, you’re much more likely to be surprised by threats and respond ineffectively.

●    Protect: Gauge your capacity to protect assets, systems, and people from cyber threats.

●    Detect: Detect your organization’s capacity to correctly identify threats and their severity. Some organizations have cyber threats in their systems for months before they’re detected. It’s critical to speed up detection time.

●    Respond: Monitor your capacity to respond to cyber threats and events in a timely fashion.

●    Recover: Evaluate your capacity to “bounce back” from a cyber event when one occurs.

If you had to rank those areas on a score of 0 (i.e., “not implemented”) to 5 (“fully implemented and optimized”), how many could you describe as a 5? If you answered less than five for the first two areas, your organization faces an above-average cyber risk. Let’s look at the traditional approach to solving this problem next.

The Traditional Approach to Improving Cybersecurity

The conventional approach to improving cybersecurity relies upon resources. You invest more training resources in your team. You bring in outside experts to provide cybersecurity simulations. You decide to hire more staff. To a degree, all those methods have their place. However, you need to keep cybersecurity needs in context with the rest of the organization. Asking your executives constantly for budget increases is going to stop working at a certain point.

That’s why we’re introducing a different way to improve the effectiveness of cybersecurity. It comes down to cybersecurity agility.

The New Way to Improve Cybersecurity Agility

You’re probably used to seeing certain parts of IT security as manual and slow. Take user account administration or password management as examples. Your people managers probably have an informal process to approve these requests one by one through email. When they get busy, they probably fall behind or don’t follow your cybersecurity framework correctly.

You could solve the problem by monitoring managers more intensely or adjusting your compensation model. There’s a better way. Use an AI security chatbot to manage IT security operations. Avatier’s Apollo helps you improve the implementation of your cybersecurity framework in several ways.

1. Identify

Identify your gaps in identity management and access. For example, you can ask for reports on exceptions or inactive user accounts. Those outliers to your cybersecurity framework should be reduced over time as your cyber maturity increases.

2. Protect

Apollo is a fast way to ensure that your identity and access management changes are consistently executed. There’s no more harassing your managers when they make a sloppy approval or take too long to respond to a request. By improving the level of consistent execution, your identity management process results in greater protection because hackers will have fewer easy targets.

3. Recover

Following a cybersecurity incident, you’re going to have much work to handle. You might have hired consultants to help you redesign your cybersecurity framework. In that case, struggling to keep up with identity management requests is the last thing you have time to handle. Apollo works 24/7 to handle identity and access requests, even when the rest of the IT security team is busy with recovery tasks.

What Kind of Agile Gains Can You Expect from Using Apollo?

It depends upon the size and complexity of your organization. Let’s assume that you have 20 IT security staff right now. They probably spend about 10% of their time on IT security administration tasks such as reviewing passwords. If this work effort is cut in half, you’ll immediately have more staff time available to work on agile projects.

To make the best use of that increased capacity, we recommend running a five business day sprint to come up with cybersecurity improvement ideas. Everything is on the table at this point. At the end of the sprint, meet together to discuss what the team has decided. Whenever possible, look for ways to streamline and update the cybersecurity framework as well. Without changes to this critical document, your auditors will continue pointing out control gaps.

Written by Nelson Cicchitto