CIS Benchmark SYSTEM HARDENING VULNERABILITY MANAGEMENT

As tools for conducting cyber attacks proliferate worldwide, large-scale cyber-attacks are becoming increasingly commonplace across the globe. But studies show that many organizations are still struggling to comprehend and manage the evolving cyber threats in our increasingly complex digital world.

The latest report from PwC, the Global State of Information Security Survey 2018, highlights the variety of different cyber-attacks we’re facing. From attacks on critical infrastructure, targeting phone systems, the production of insecure Internet of Things (IoT) devices; the attack scale is massive, and can have a devastating impact on society.  

The World Economic Forum (WEF) claims the rising cyber interdependence of infrastructure networks is one of the world’s top risk drivers, adding that cyber-attacks, software glitches, and other factors could spark systemic failures that ‘cascade across networks and affect society in unanticipated ways’. They also noted that the No.1 business risk in North America is: large-scale cyber attacks or malware causing large economic damages, geopolitical tensions, or widespread loss of trust in the internet.

What’s most alarming is that PwC found less than half of respondents conduct penetration tests, threat assessments, active monitoring of information, and intelligence and vulnerability assessments.

To make matters worse, security spending has dropped by nearly a third, from £6.2 million on average down to £ 3.9 million on average. This means it’s crucial that enterprises spend their security dollars on the right kind of cyber tools instead of throwing money at the problem and

NNT CTO, Mark Kedgley, recently commented on the latest article on SCMagazine, claiming, "wasted money in cyber-security never ceases to pain and amaze us" adding "we meet plenty of disillusioned cyber-security teams who have wasted money that could have been better spent, usually on products that are too difficult to use or take too long to deliver results, all at the expense of their security." NNT believes that focus on core security tasks is often being lost by the turning of heads toward the most hyped new innovation. "As with most things in life," Kedgley told SC "it's important to get the basics right first and in cyber-security.”

The PwC survey suggests the need for a global conversation that provides business leaders with actionable advice to build cyber resilience within their IT environment. They also suggest the need for all organizations, regardless of just how prepared you think you are, to make certain your strategic cyber goals are being executed.

Stress-testing your interdependencies with simulated cyber-attacks can help unmask these vulnerabilities with your IT environment you once thought were secure. Dan Geer, CISO at In-Q-Tel, suggests asking yourself this question when developing cybersecurity stress test scenarios: Can I withstand the failure of others on whom I depend?

 

Read the article on SCMagazineUK

 

 

 

 

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.