Home » Digital Security » Five Lessons Learned From Cybersecurity Breaches
Digital Security

Five Lessons Learned From Cybersecurity Breaches

avatar

Brennan P. Baybeck, CISA, CISM, CRISC, CISSP

Chairperson, ISACA Board of Directors; Vice President of Customer Support Services Security Risk Management, Oracle Corporation

Even as more boards and executive leaders become savvier about cybersecurity risk — and highly motivated to avoid the disastrous incidents that have damaged their competitors on the enterprise landscape — critical gaps remain in organizations’ preparedness, allowing the vicious cycle of cybersecurity breaches to continue. Here are five ways organizations can guard against becoming next in line to be damaged by a breach:

1. Sharpen focus on data governance and protection

Most of the prominent breaches we hear about can be traced back to a failure to execute core security fundamentals — not patching properly, weak passwords, and uncertainty about where key data is being stored and how it is being protected. These basic lapses greatly compound risks in an era when cybercriminals are becoming more focused and sophisticated than ever, and businesses are aggressively transforming digitally. Security executives need to be proactive in establishing solid data protection and data governance programs before drawing the board’s reproach or, worse, having their security program’s shortcomings exposed in the form of a major breach. 

2. Combine existing and new capabilities for greater impact

Providers are developing new security capabilities and services that are being incorporated in cloud platforms and “Software as a Service” (SaaS) applications that enable business transformation and should be heavily leveraged in a security strategy. At the same time, enterprises should not lose sight of the existing technologies and investments they already have at their disposal that they may be underutilizing or ignoring. Organizations should identify ways to integrate technology and service partners into their cybersecurity strategies and better utilize the ever-expanding capabilities within those platforms. A combination of drawing upon foundational technologies, and being receptive to update capabilities as they become available, will best position organizations to transform quickly and securely.

3. Collaborate across the organization to address security

Security teams often function in a siloed fashion — an approach that needs to change to best equip the entire organization to deal with the growing attack surface. Security and data protection is a team sport. As leveraging data becomes increasingly critical to all business functions, the security team needs to partner with business units to make sure sound policies and procedures are being applied to new-use cases for handling data and the deployment of various emerging technologies. It is also an excellent idea to collaborate with the IT audit and privacy functions, which are well positioned to provide detailed requirements, and assess data protection and controls that drive virtually every business process throughout the organization. 

4. Prioritize skills-based training

As evidenced by the ongoing cybersecurity skills gap (the majority of organizations have unfilled cybersecurity positions, according to ISACA’s State of Cybersecurity 2019 research), organizations are challenged to bring in practitioners with the needed skills to defend against the expanding threat landscape, and the data breaches that result. In most cases, waiting for candidates with the ideal background to walk through the door is unrealistic. That means organizations need to be open-minded about hiring technology-minded people who might not have an extensive cybersecurity background, and then provide the skills-based training to help them become proficient in these critical roles. 

5. Take a proactive approach

Security teams often are so busy with day-to-day concerns and issues that they fail to take advantage of opportunities to proactively address longer-term challenges. As with the businesses we serve, AI, cloud computing, and other drivers of digital transformation empower security teams to find new ways to address vulnerabilities and inefficiencies that can better position the organization to avoid breaches and thrive amid the accelerated pace of conducting business in today’s data-driven enterprise landscape.

Brennan P. Baybeck, CISA, CISM, CRISC, CISSP, Chairperson, ISACA Board of Directors; Vice President of Customer Support Services Security Risk Management, Oracle Corporation, [email protected]

Next article