Why FOMI is keeping cybersecurity professionals up at night – Irish Tech News – Irish Tech News
Guest post by Brian Martin, Head of Product, Strategy and Innovation at Integrity360
Even before the pandemic, CISOs were under more pressure than ever with increasingly sophisticated cyber threats and more frequent attacks. That’s not to mention the weight of potential repercussions stemming from a breach.
With people working across multiple devices and various locations, this risk landscape has become more challenging in recent times – leading to FOMI (fear of missing incidents) and probably more than a few sleepless nights for cybersecurity professionals.
According to a report from FireEye, the average security operations team received over 11,000 security alerts every day in 2020. When combined with the fact that the average cost of a security breach is said to be $3.86 million, it’s easy to see why they are experiencing immense amounts of stress.
Then the pandemic hit and in April 2020, the FBI estimated that there had been a 300-400% increase in reported cybercrimes. And that upward trend has not reversed since, with Check Point reporting a 102% increase in ransomware attacks in 2021 compared to the same period in 2020.
On home soil, you just have to look at the high-profile attack on the HSE to appreciate the stakes involved. This incident caused nationwide disruption to all systems and impacted the delivery of health services to thousands of patients. It is an attack from which the health service is still recovering.
The additional uptick in cybercrime coupled with the pandemic has certainly created a domino effect, leading to a further rise in alerts and added pressures to a FOMI pot that was already bubbling over. Of course, additional pressure often leads to burnout and fatigue – impacting on the ability of cybersecurity teams to do their jobs effectively and spot issues or threats.
While security professionals and teams are doing what they can, a lot of them simply don’t have the resources to cover all bases. Not only is this putting individuals at risk, it could also place businesses in a very vulnerable position.
It is clear that the pressure and stress placed on analysts is spiralling out of control in many instances. And with the volume and complexity of cyberattacks only expected to rise over the coming months, it is a problem that – if not addressed – will only get worse.
An answer is needed. But the question is not simply about whether these pressures can be alleviated. Rather, it is about how they can be alleviated in the most effective manner that benefits those on the frontline and provides a sustainable, scalable approach for the organisations.
On this front, many CISOs are turning to endpoint detection and response (EDR) and extended detection and response (XDR), both emerging security technologies capable of delivering greater visibility, threat detection and response proficiencies across all corporate endpoints.
The former, EDR, powers the automated monitoring of endpoints, using behavioural analysis and machine learning technologies to instil advanced levels of protection far greater than that of legacy solutions such as antivirus software. The latter (XDR), meanwhile, is an even more evolved approach, taking the same principles of EDR and extending them beyond the endpoint to servers, networks the cloud, SIEM and other areas where vulnerabilities might be present.
Both EDR and XDR offer significant advantages, improving security capabilities and easing the burden on personnel. However, the key challenge with both approaches is that while automation may help to find risks, it can be hard to effectively respond to them without the right expertise. That’s where MDR service providers come in.
To truly transform security and address concerns surrounding missing incidents, organisations must take things a step further and tap into the skills of both humans and technologies through the deployment of managed detection response (MDR). It uses existing and emerging technologies, like advanced analytics and threat intelligence, in tandem with experts in incident investigation and response, enabling organisations to find and deal with potential incidents and vulnerabilities.
MDR offers trusted support that doesn’t just flag potential incidents, but also helps companies respond to them and frees up internal enterprise security teams. Moreover, it allows organisations to maintain productivity levels while enhancing risk awareness and incident response.
When used in conjunction with a comprehensive suite of security tools, from intelligent incident timeline construction to automated response, modern SIEMs provide highly insightful context, showing how attackers think, their methods of work, and their target assets. With these insights, security leadership becomes empowered, gaining the knowledge and tools they need to focus on delivering more effective results such as enhanced response times.
MDR is all about building up protection against an organisation’s primary risks (like data theft, ransomware, malware, production downtime, fraud and hacktivism), while simultaneously supporting business priorities including costs, productivity and efficiency of operations.
Whatever their focus is, having an adequate and effective approach is crucial for mitigating risks and safeguarding organisations. Through bespoke security solutions, backed by the right combination of technology and security professionals, MDR helps to relieve the unwanted pressures of FOMI and enhance security in a multitude of ways.
Given these advantages, the challenge of FOMI, and the rising tide of security threats facing CISOs, now is the time for organisations to transform their approach and response. Not only will it help the company as a whole and protect systems, it will also alleviate the pressure on cybersecurity teams and enable both to thrive.
See more stories here.
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.
Brian MartinFOMIIntegrity360
Follow Irish Tech News