Data breaches can be frightening; they result in financial loss, loss of customer trust, and their effects can be felt for years. According to Ponemon’s latest Cost of a Data Breach report, one-third of data breach costs occur more than one year after an incident.
A good cybersecurity platform is your first line of defense against breaches and attacks. That said, choosing a security platform is no picnic either; it’s easy to get overwhelmed by the number of solutions on the market. There are hundreds of solutions, each with a different angle on information security.
When you’re trying to navigate the market, it can be helpful to keep a list of the most important features your ideal cybersecurity platform must have to address your organization’s specific risks. Here is a checklist to get you started.
1. Good analytics.
Every organization in every industry can benefit from good analytics. It’s easier to put your finger on a threat if you’ve rated your risks, and have a good historical picture of where your risks have been in the past. When you have good data, you can clearly see your risk, monitor situations that could pose a threat, and move quickly when there’s an issue. In fact, good data can help you even after a data breach or attack. Ponemon’s 2019 Cost of A Data Breach report found that companies that use security analytics reduce the cost of data breaches by an average of $200,000.
2. Coverage of your biggest external threats.
Many threats come from outside your organization. Ponemon’s 2018 State of Cybersecurity in Small & Medium Size Businesses (SMBs) reportfound that 37% of incidents were confirmed attacks from an external source. These external threats tend to take the form of hacking and phishing, and tend to come into an organization in a variety of ways: stolen credentials, Denial of Service, compromised web applications, and email attachments. (For example, 93% of spam emails are now vehicles for ransomware.) Your security platform should be able to monitor your threats, and let you know when your organization has been compromised or targeted by malicious activity.
3. A defense against internal threats.
While most of an organization’s threats tend to come from outside, occasionally the call is coming from inside the house. According to Egress’s Insider Data Breach survey, 95% of businesses are worried about an insider breach. This doesn’t necessarily mean you’ve got bad actors in your organization — most of the time internal threats are mistakes (like misconfiguration of AWS buckets or unapproved workarounds) or bad choices by employees. Occasionally, however, an internal actor will get involved with truly malicious activity like espionage or theft — Egress found that 61% of IT leaders believe their employees put sensitive company data at risk maliciously in the last year. Whatever their reasons for exposing you to risk, a good cybersecurity platform should be able to quickly alert you to mistakes or misuse that could be putting your data or networks at risk.
4. Compliance.
Information security means different things in different industries. Every industry and organization — from healthcare to finance – has a unique set of regulations, standards, and best practices when it comes to information security. Your cybersecurity platform should help your organization achieve, maintain and prove compliance with whatever regulations are relevant to your industry and geographical location.
5. Manage risk across your entire ecosystem.
Third parties — your vendors, partners and contractors — are a critical source of risk to your business. They often have access to your data and networks, but you can’t always require them to adhere to specific standards or best practices. It’s no surprise that third parties are a significant source of risk — Ponemon’s 2019 Cost of A Data Breach report found that when third parties cause a breach, the cost increases by more than $370,000. Yet, according to Protoviti’s 2019 Vendor Risk Management Benchmark Study, only 4 in 10 organizations have a fully mature vendor risk management process in place. Your cybersecurity platform should let you monitor and manage the risks posed by your vendors. Your cybersecurity platform must allow you to monitor and manage risk no matter where it occurs — outside the company, inside your organization, or in your supply chain.
6. Threat prevention, detection, and response.
Last year, a survey published in CISO magazine found that 31% of CISOs want their security platform to block more than 95% of attacks and track those attacks they can’t block, providing continuous alerts so that the security team can track down the suspicious activity and eliminated it.
7. Continuous monitoring.
When it comes to cybersecurity, it’s no good relying on snapshots of your risk, or compliance. Yes, you and your vendors might be compliant right now, but tomorrow, a patch might not be installed in a timely manner, or someone might misconfigure a server. A security platform that doesn’t provide continuous monitoring is leaving holes in your compliance and leaving you open to risk.
How SecurityScorecard can help
Your cybersecurity platform should be able to keep you apprised of your risk is at all times.
SecurityScorecard’s cybersecurity platform allows you and your organization’s business stakeholders to enable users to continuously monitor the most important cybersecurity KPIs for your company and your third parties. Our security ratings use an easy-to-understand A-F scale across 10 groups of risk facts with 92+ signals so you can see, at a glance, where your problems are and what actions you should take when any issues are discovered.
By monitoring the cyberhealth of your extended enterprise, you’ll be able to collect data on your cybersecurity efforts and make informed security decisions in the future.
