Cybersecurity Process Issues Will Dominate 2020

More money than ever is being allocated to cybersecurity, yet the biggest issue most organizations will face in 2020 will be aligning cybersecurity and IT operations processes rather than mastering an individual technology.

A recent survey of 400 IT leaders at large enterprises conducted by Forester Consulting on behalf of Tanium, a provider of tools for securing IT endpoints, found 67% of respondents have identified driving collaboration between security and IT operations teams a major challenge. In fact, the survey also found it takes cybersecurity and IT operations teams that have a healthy relationship almost two weeks less time to patch vulnerabilities (37 business days versus 27.8 business days) than those that don’t.

The survey also found there is also a significant gap between how quickly vulnerabilities can be discovered and remediated and actual visibility into the IT environment. A total of 80% of respondents claimed they can take action on the results of a vulnerability scan instantly., while 89% said they could report a breach within 72 hours. However, only half (51%) believed they have full visibility into vulnerabilities and risks and only 49% said they believe they have visibility of all hardware and software assets in their environment. Almost three-quarters (71%) of respondents admitted they struggle to gain end-to-end visibility of endpoints.

Chris Hallenbeck, chief information security officer (CISO) for the Americas at Tanium, said there is a clear need to both re-engineer processes and consolidate cybersecurity tools. The more cybersecurity tools an organization employs, the more difficult it can be to make sense of all the alerts being generated, he noted.

The survey results make it clear there’s a lot more need to focus on fundamentals. Despite all the concerns about advanced persistent attack (APTs), the bar for launching a successful cybersecurity attack is still relatively low. Cybercriminals are not going to go to the trouble and expense of launching attacks using advanced technologies when much easier attack vectors are just as effective, said Hallenbeck. While more senior business and IT leaders are cognizant of IT security issues, that unfortunately has yet to manifest itself in a review of how cybersecurity and IT operations teams collaborate, he added.

What is changing is the level of stress among cybersecurity and IT staff. It’s already apparent that rising global tensions in 2020 are going to bring maximum pressure to bear on cybersecurity processes that already have been shown to be flawed, said Hallenbeck. In fact, when business and IT leaders evaluate cybersecurity risks, many of them are underestimating the impact stress factors will have over an extended period of time. Most cybersecurity and IT operations teams are not going to be able to maintain a state of high alert for an extended period, Hallenbeck noted.

It’s unclear whether organizations in 2020 will proactively address cybersecurity process issues. Advances in DevSecOps practices do bode well for the future. However, far too many organizations still appear to be awaiting some catastrophic event to occur before doing anything more than throwing yet one more tool at the problem.

— Michael Vizard