Organizations are struggling with inadequate IT budgets while the threat of cybersecurity incidents and data breaches becomes increasingly prominent. Investment in security never appears to be adequate, and business leaders ask how much more they should invest. To make the best use of the available security budget, IT teams should consider balancing their investment across the following areas:
- Network/host security
This has traditionally been the focus area for cybersecurity investment. The assumption is that if we can prevent bad actors from getting into our network and systems, everything inside will be safe and secure. For many organizations this is the primary area of investment, but the return on investment can diminish very quickly, and bad actors can always figure out a way to get in.
- Backup solution and practice
From a business continuity and disaster recovery perspective, you should invest in a solid backup solution that ensures your systems and data can be restored no matter what happens, including an organization-wide cybersecurity event. Moreover, you should invest the time and resources to practice the recovery process on a regular basis. From the practice sessions, you should be able to actually measure the Restore Time Objective (RTO) and Restore Point Objective (RPO) for your systems and applications. These metrics should be reviewed with the business to ensure they are acceptable. The public cloud can be a great place to practice your disaster recovery procedures without additional capital investment in IT infrastructure.
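The point of a practice session is that RTO and RPO become measured numbers rather than promises. The following is an added example, not code from the original article: it takes the timestamps recorded during a recovery drill (when the last restorable backup was taken, when the system was declared lost, when it was verified working again) and compares the observed RTO and RPO with the targets agreed with the business, so that the review meeting has a per-system pass/fail list to work from. The drill records, system names and targets are constructed sample data.

```go
package main

import (
	"fmt"
	"time"
)

// DrillRecord is one entry from a disaster-recovery practice session
// (constructed sample data, not from any real environment).
type DrillRecord struct {
	System          string
	LastGoodBackup  time.Time // most recent backup that was actually restorable
	SimulatedOutage time.Time // moment the drill declared the system lost
	RestoreComplete time.Time // moment the restored system was verified working
}

// Target is the objective agreed with the business for one system.
type Target struct {
	RTO time.Duration // maximum acceptable time to restore
	RPO time.Duration // maximum acceptable window of lost data
}

// Result is the measured outcome for one drill record.
type Result struct {
	System      string
	ObservedRTO time.Duration
	ObservedRPO time.Duration
	RTOMet      bool
	RPOMet      bool
}

// Evaluate derives the observed RTO (outage -> restore complete) and the observed
// RPO (last good backup -> outage) from each record and checks them against the
// target for that system. A system without an agreed target is reported as not
// met on both counts so that it is forced onto the review agenda.
func Evaluate(records []DrillRecord, targets map[string]Target) []Result {
	results := make([]Result, 0, len(records))
	for _, r := range records {
		rto := r.RestoreComplete.Sub(r.SimulatedOutage)
		rpo := r.SimulatedOutage.Sub(r.LastGoodBackup)
		t, hasTarget := targets[r.System]
		results = append(results, Result{
			System:      r.System,
			ObservedRTO: rto,
			ObservedRPO: rpo,
			RTOMet:      hasTarget && rto <= t.RTO,
			RPOMet:      hasTarget && rpo <= t.RPO,
		})
	}
	return results
}

// SampleRecords returns constructed drill results for three hypothetical systems.
func SampleRecords() []DrillRecord {
	outage := time.Date(2024, 3, 10, 9, 30, 0, 0, time.UTC)
	return []DrillRecord{
		{"erp-db", time.Date(2024, 3, 10, 0, 0, 0, 0, time.UTC), outage, outage.Add(150 * time.Minute)},
		{"file-share", time.Date(2024, 3, 9, 22, 0, 0, 0, time.UTC), outage, outage.Add(510 * time.Minute)},
		{"crm-app", time.Date(2024, 3, 8, 1, 0, 0, 0, time.UTC), outage, outage.Add(60 * time.Minute)},
	}
}

// SampleTargets returns constructed business-agreed objectives for the same systems.
func SampleTargets() map[string]Target {
	return map[string]Target{
		"erp-db":     {RTO: 4 * time.Hour, RPO: 24 * time.Hour},
		"file-share": {RTO: 4 * time.Hour, RPO: 12 * time.Hour},
		"crm-app":    {RTO: 2 * time.Hour, RPO: 24 * time.Hour},
	}
}

func main() {
	fmt.Printf("%-12s %-10s %-5s %-10s %-5s\n", "system", "RTO", "ok", "RPO", "ok")
	for _, r := range Evaluate(SampleRecords(), SampleTargets()) {
		fmt.Printf("%-12s %-10s %-5t %-10s %-5t\n", r.System, r.ObservedRTO, r.RTOMet, r.ObservedRPO, r.RPOMet)
	}
}
```

In the sample data the file share misses its RTO (a backup that restores, but too slowly) and the CRM application misses its RPO (a restore that is fast, but from a backup more than two days old). Both are exactly the findings a drill exists to surface before a real incident does.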
- Data protection solution
This is the area in which most organizations have little or no investment. People assume their data is safe when their network is protected. In reality, we have seen numerous data breaches at even the world’s largest organizations, which have invested heavily in network security. Bad actors can always find a way to break in through various approaches, such as exploiting unpatched vulnerabilities or even zero-day vulnerabilities, launching phishing attacks, and leveraging social engineering techniques. To effectively mitigate the risk of data breaches, you should proactively protect the data itself. The ideal outcome is that, even when bad actors do get into your network, they cannot take anything of value. If they cannot get your actual sensitive or confidential data, their leverage for a ransom payment is significantly reduced, and you can assure your customers, employees and business partners that the data in your custody is always safe and secure.
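The article does not name a specific technique for protecting the data itself; one common realization, assumed here, is field-level encryption where the application encrypts sensitive values before they reach the data store and the key lives in a separate key service. The following is an added example, not code from the original article: it uses AES-GCM from Go's standard library so that a dump of the stored rows yields only ciphertext, a copy of that ciphertext cannot be decrypted without the key, and a ciphertext moved from one customer's row to another is rejected because the record ID is bound in as authenticated data. The record schema, customer values and the in-memory key are constructed for the example; a real deployment would fetch the key from a KMS or HSM at runtime.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"io"
)

// Record is a customer row as it sits in the data store (constructed schema).
// Only non-sensitive fields are stored in the clear; the sensitive field is
// stored as base64(nonce || ciphertext || tag) and never as plaintext.
type Record struct {
	CustomerID string
	Email      string
	TaxIDEnc   string
}

// Protector wraps the data-encryption key. Assumption: the key is obtained from
// a separate key service at runtime and is never written next to the data.
type Protector struct {
	aead cipher.AEAD
}

// NewProtector builds an AES-GCM protector from a 16-, 24- or 32-byte key.
func NewProtector(key []byte) (*Protector, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Protector{aead: aead}, nil
}

// Seal encrypts a sensitive value for one record. The customer ID is passed as
// additional authenticated data, so the ciphertext is tied to its own row.
func (p *Protector) Seal(customerID string, plaintext []byte) (string, error) {
	nonce := make([]byte, p.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return "", err
	}
	// Seal appends the ciphertext and tag to the nonce so both travel together.
	sealed := p.aead.Seal(nonce, nonce, plaintext, []byte(customerID))
	return base64.StdEncoding.EncodeToString(sealed), nil
}

// Open decrypts a stored value; it fails on a wrong key, a tampered ciphertext,
// or a ciphertext that belongs to a different customer ID.
func (p *Protector) Open(customerID, stored string) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(stored)
	if err != nil {
		return nil, err
	}
	ns := p.aead.NonceSize()
	if len(raw) < ns+p.aead.Overhead() {
		return nil, errors.New("stored value too short to be a valid ciphertext")
	}
	return p.aead.Open(nil, raw[:ns], raw[ns:], []byte(customerID))
}

// Demo runs the protection round trip and reports which properties held:
// the legitimate application can read the value back, a party holding only the
// data store contents (different key) cannot, and a ciphertext swapped onto
// another customer's row is rejected. Keys and values are constructed in memory.
func Demo() (roundTrip, wrongKeyFails, swapFails bool, err error) {
	key := make([]byte, 32)
	if _, err = io.ReadFull(rand.Reader, key); err != nil {
		return
	}
	app, err := NewProtector(key)
	if err != nil {
		return
	}
	secret := []byte("123-45-6789") // constructed sample tax ID
	row := Record{CustomerID: "cust-001", Email: "alice@example.com"}
	if row.TaxIDEnc, err = app.Seal(row.CustomerID, secret); err != nil {
		return
	}
	got, openErr := app.Open(row.CustomerID, row.TaxIDEnc)
	roundTrip = openErr == nil && bytes.Equal(got, secret)

	otherKey := make([]byte, 32) // a key the data store never held: all zeros
	outsider, _ := NewProtector(otherKey)
	_, openErr = outsider.Open(row.CustomerID, row.TaxIDEnc)
	wrongKeyFails = openErr != nil

	_, openErr = app.Open("cust-002", row.TaxIDEnc)
	swapFails = openErr != nil
	return
}

func main() {
	rt, wk, sw, err := Demo()
	fmt.Println("round trip:", rt, "wrong key rejected:", wk, "row swap rejected:", sw, "err:", err)
}
```

The design point is separation: the data store can be copied in its entirety and still contain nothing of value, because the only thing that turns the stored bytes back into data is a key the store never had. Whether that key is guarded well enough then becomes the question the security investment has to answer.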
Businesses should leverage the zero-trust architecture and balance their security investment across multiple layers of defense to win the cybersecurity battle. You might not need to increase your total budget, only rebalance your investment to achieve a better ROI. Network and host security solutions can tackle the vast majority of attacks and known vulnerabilities. When your network or host security is compromised for any reason, such as a zero-day vulnerability or lost credentials, your sensitive and confidential data remains strongly protected, and bad actors cannot get anything of value. They might still cause some damage and disruption, such as encrypting your systems and data. Because you have practiced your backup solution beforehand, you can simply restore the impacted systems from your backups and business can go on as usual. There is no need to pay the demanded ransom, and there is no data breach to report. Balancing your security investment based on the zero-trust architecture can be an effective approach to winning the cybersecurity battle.