This season’s featured cybersecurity nightmare may be ransomware, but breaches of all kinds are going up in both numbers and cost. In response, security vendors are offering sophisticated — and costly — solutions to defend against evermore sophisticated attackers. However, the most effective protective measures have nothing to do with specific software and everything to do with risk governance. Even in our increasingly complex cybercrime landscape, most attacks are preventable and most costs are avoidable.

The Art of Active Defense

The best way to prevent attacks and minimize losses is to use policy and governance guided by the principles of risk management to ensure available defenses are active and focused primarily on the organizational assets most at risk. However, organizations often fail to take these basic, critical steps. In fact, according to Infosec Island, security teams fail to implement 10 percent to 15 percent of scheduled patches “due to human or technology errors.”

This adds up to a lot of known but unpatched security holes attackers can exploit. The WannaCry ransomware attack, for example, could have been prevented with automated alerts of pending patches, combined with a governance process to ensure the alerts were addressed and the patches installed.

Prepare to Prevent and Recover

Active governance measures help to prevent security breaches and minimize the losses from attacks that do get through. Resilience against ransomware is an outstanding example: Offsite backups are the first line of defense against all types of data losses, from ransomware attacks to natural mishaps such as a flooded data center.

No magical cutting-edge technology is needed to provide offsite backups. The required technical solutions are widely available and well-tested. But backups do not happen by themselves. When data is rapidly recovered from offsite backups, it is because the backups were scheduled, the schedule was followed and the organization had tested its recovery process to ensure it would work when it was needed.

Similar principles apply across the spectrum of cyber operations. For example, with sound governance in place, access privileges are granted only on the basis of least privilege, in which users have only the level of access they need to do their jobs. Maintaining this policy reduces the risk of data or operations being compromised by either inevitable user error or malicious insider actions.

An Integrated Approach to Risk Governance

Unified effort is essential. The InfoSec Island article noted that a “truly integrated approach requiring strong governance and broad oversight illuminates vulnerabilities shared by departments.” Security holes can only be closed when they have been brought into view. Creating this security transparency and acting on it is what effective risk governance is all about.

More from Risk Management

How to Boost Cybersecurity Through Better Communication

4 min read - Security would be easy without users. That statement is as absurd as it is true. It’s also true that business wouldn’t be possible without users. It’s time to look at the big picture when it comes to cybersecurity. In addition to dealing with every new risk, vulnerability and attack vector that comes along, cybersecurity pros need to understand their own fellow employees - how they think, how they learn and what they really want. The human element — the individual and social factors that…

4 min read

Detecting Insider Threats: Leverage User Behavior Analytics

3 min read - Employees often play an unwitting role in many security incidents, from accidental data breaches to intentional malicious attacks. Unfortunately, most organizations don’t have the right protocols and processes to identify potential risks posed by their workforce. Based on a survey conducted by SANS Institute, 35% of respondents said they lack visibility into insider threats, while 30% said the inability to audit user access is a security blind spot in their organizations. In addition, the 2023 X-Force Threat Intelligence Index reported that…

3 min read

Increasingly Sophisticated Cyberattacks Target Healthcare

4 min read - It’s rare to see 100% agreement on a survey. But Porter Research found consensus from business leaders across the provider, payer and pharmaceutical/life sciences industries. Every single person agreed that “growing hacker sophistication” is the primary driver behind the increase in ransomware attacks. In response to the findings, the American Hospital Association told Porter Research, “Not only are cyber criminals more organized than they were in the past, but they are often more skilled and sophisticated.” Although not unanimous, the…

4 min read

Machine Learning Applications in the Cybersecurity Space

3 min read - Machine learning is one of the hottest areas in data science. This subset of artificial intelligence allows a system to learn from data and make accurate predictions, identify anomalies or make recommendations using different techniques. Machine learning techniques extract information from vast amounts of data and transform it into valuable business knowledge. While most industries use these techniques, they are especially prominent in the finance, marketing, healthcare, retail and cybersecurity sectors. Machine learning can also address new cyber threats. There…

3 min read