Why Your Approach to Cybersecurity Needs to Be Proactive Rather Than Reactive
Some businesses rely on a reactive approach to best manage cybersecurity. However, this is flawed thinking. Here’s why.
In formulating a cybersecurity strategy, there are two principal approaches a business can take – a proactive approach or reactive approach.
A reactive approach involves responding to attacks after (or if) they happen. A proactive approach attempts to prevent incidents from taking place before they can happen, anticipating the potential risks and weaknesses within a system, and fixing them before they can be exploited.
Some businesses rely on a reactive approach to best manage cybersecurity, worrying that trying to anticipate attacks will be too expensive and mostly unnecessary. However, this is flawed thinking.
The financial and reputational costs of suffering an attack are growing every year, and this means the cost of remediation is likely to be significantly higher than the cost that it would have taken to implement appropriate security controls in the first place.
By the time you respond to a cyber attack it’s too late
You don’t have to look very far to find examples of organisations suffering cyber attacks due to a flawed reactive approach to their security. Only last year, the WannaCry ransomware attack caused enormous problems for the NHS and a number of organisations across the world — an estimated 230,000 computers were affected. And the problem here, was that in many cases, organisations had failed to be proactive in keeping vital systems patched to address a known vulnerability
Cyber criminals are constantly changing their tactics
One of the major challenges facing businesses is the increasing sophistication of hackers. Ever-evolving hacking tactics and techniques, as well as more readily available hacking tools, has made it possible for cyber criminals to circumvent traditional defenses such as firewalls and anti-virus software.
This leads to a further problem where attacks are becoming harder to detect. In fact, it is common for businesses to be breached without even knowing it. According to the Ponemon Institute, it takes an average of 191 days for a business to detect that it has been hacked.
To counteract these problems, it is important to gain visibility of what activity is happening across networks and endpoints in order to be able to detect malicious activity in its infancy before it spreads.
You need to assume that your business will be breached at some point and have appropriate monitoring controls and procedures in place to mitigate the risks.
Ensure continued GDPR compliance
The GDPR came into force in May 2018 and this led to many businesses having to make changes to their data protection policies as well as security processes. But compliance with the rules is about more than just one-off changes to policies.
The onus is on companies to put in place appropriate technical and organisational measures to protect personal data, as well as detect, investigate and report data breaches.
Organizations that fail to demonstrate a proactive approach in these areas risk the possibility of fines. Remember that under the GDPR, businesses that suffer personal data breaches are also required to notify individuals in cases where there is a high risk to their rights and freedoms.
How to take a proactive approach to your security
So taking a proactive approach to your cybersecurity is essential — but what are some practical steps that you can take to achieve it? Firstly, it is a good idea to regularly invest in security assessment services such as vulnerability scanning and penetration testing, as these can reveal exposures weaknesses across your business’ networks, system and applications before they can be exploited by criminal hackers.
Proactive network and endpoint monitoring to hunt for and respond swiftly to threats should also form an important part of your approach. Providing cybersecurity training is also recommended to help employees improve their cybersecurity knowledge and awareness of the latest risks, such as social engineering.
Being proactive does not have to be an prohibitively expensive approach — it simply means allocating time and resources to prepare your organization to prevent and respond to attacks early, rather than extra time, effort and expense to try and recover after the damage has been done.
Mike James is a UK-based cybersecurity professional and regular author, working together with penetration testing specialists Redscan on this and a series of other cybersecurity articles. For further reading on report data breaches, see this recently published blog on the Redscan site.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
