Cybersecurity frameworks are not enough to protect organizations from today’s threats

by | Nov 18, 2022 | Technology

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

As cybersecurity incidents proliferate, critical infrastructure and global enterprises are increasingly targeted by financially-motivated cybercriminal gangs and even nation-state threat actors. Today’s organizations are facing multiplying threats and increasing risks from a constantly-evolving threat landscape.

Last year, new cryptojacking and ransomware programs increased by 75% and 42%, respectively, all while OT vulnerabilities leaped 88%. Overall, companies experienced an average of 270 attacks in 2021, up 31% over 2020.

It’s clear that threats are growing at a never-before-seen rate, leaving security teams to grapple with the seemingly endless challenges these risks carry. To address the business risk that is now at the forefront of cybersecurity board conversations, companies across both the public and private sectors have implemented cybersecurity frameworks like NIST and MITRE ATT&CK.

Cybersecurity frameworks are designed to help businesses and governments better understand, manage and reduce their cybersecurity risk. Currently, all 16 critical infrastructure sectors, including energy and manufacturing, use the NIST framework, while 80% of enterprises use MITRE ATT&CK. A recent study by ThoughtLab highlights that leading organizations often use more than one framework to meet global standards and improve cybersecurity results.

Intelligent Security Summit
Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

While frameworks like NIST and MITRE ATT&CK provide a practical foundation for basic cybersecurity practice, organizations should view them as the beginning of their cybersecurity journey, not the final destination. To ensure they have a well-rounded and effective security program, companies must further build on the frameworks, going beyond a “check the box” mentality to achieve a continuous state of security.

Disrupt the traditional reactive “scan and patch” approach

While frameworks like NIST and MITRE ATT&CK provide organizations with a starting point, these frameworks focus on reactive strategies that are no longer enough to keep up with the pace and volume of threats. For example, two of the five core pillars of the NIST cybersecurity framework focus on detect-and-respond tactics, which take place only after an attack. While the MITRE ATT&CK framework is a guideline for classifying and describing cyberattacks and intrusions, the guidance it provides is also tied to a response tactic for an attack.

Reactive strategies outlined in cybersecurity frameworks that focus on scanning and patching are not only slow and laborious; in many cases, they also fail to convey the level of risk associated with a threat. This often results in valuable resources being wasted on false alarms.

While cybersecurity frameworks are voluntary guidelines for private sector organizations, federal agencies and government contractors are required to comply with the NIST cybersecurity frameworks. This creates a strong focus for public sector …

Article Attribution | Read More at Article Source

Share This