2021 New Year’s Security Resolution: Fix The Right Things, Everything Else Can Wait
Share with Your Network
To say that 2020 was tough is an understatement, and at times it was difficult to imagine even the glimpse of a silver lining. However, those who know me best will say I’m the eternal optimist and, as such, I was determined to finish the year on a positive note.
Reflecting on the many discussions I had with Security professionals in 2020, it’s clear the year was not without its challenges. But thankfully it wasn’t all doom and gloom. I saw first-hand cybersecurity defenders and IT teams significantly upping their game (in spite of a crippling lack of resources) and working together to beat the attackers at their own game. That can only be good news!
The common ingredients in all these scenarios was data science and real-time vulnerability intelligence underpinned by a risk-based methodology. This proved a winning combination helping Security and IT teams to understand which vulnerabilities posed the biggest threat to their business. No longer dancing to the tune of an Excel spreadsheet containing hundreds of thousands of things that all supposedly need fixing, Security and IT started to work together and focus on prioritizing remediation based on risk. Everything else could wait.
My 2020 highlight is recalling conversations I had with CIOs and CISOs about how this combination of cloud security, risk-based intelligence and prioritisation had significantly reduced the pressure on their Security and IT teams in what was a really difficult year. It helped get their attention on the right things, fix the right things and free up their time to work on other business critical projects.
Most of us will have approached the new year with plans to do something different or better. So, a great resolution for 2021 is to consider what can be done to continue risk reduction not only here and now, but in the long term. In turn, you will be lightening the already substantial load on IT teams, allowing them to concentrate on delivery and availability of services. That’s a win-win for everyone.