Which cybersecurity path is right for you?

Implementing a successful cybersecurity program

by Kevin Jackson, CEO & Founder, GovCloud Network

AT&T Business commissioned an online survey on the Spiceworks community in the summer of 2018 to gain insights on cybersecurity practices in midsized organizations. 250 US IT decision-makers involved in security decisions and purchases at organizations with 150+ employees responded.

The survey indicated that, although cybersecurity was the top technology priority for the past year, these organizational decision makers evaluated cybersecurity as the most underperforming information technology area. It also uncovered an alarming disconnect between how security investments are viewed by top executives when compared to IT/security teams implementing them. An excessive focus on cybersecurity was cited as a sink for resources being pulled from more critical digital transformation projects.

Researchers analyzed the data to uncover key corporate traits for countering this dangerous possible trend, leading to a few surprising commonalities among companies that boasted an effective cybersecurity program, including:

  • The existence of a formal security risk management strategy. Companies that have this experience cost and time savings, increased business efficiency, and improved customer satisfaction
  • Establish proactive security process instead of having a reliance on an ability to react to security threats
  • Utilize or deploy advanced solutions rather than maintaining a focus on anti-virus, anti-malware, and anti-spam software
  • Approach security as a risk management discussion rather than as primarily a security control status checklist
  • Implement a well-executed vulnerability threat management program for network infrastructure devices and end-user devices

These observations mean that to implement an effective cybersecurity program, enterprises need to veer away from simply spending even more precious resources on security. Business leaders need to focus on new technologies and innovations. They should prioritize internal collaboration on business operations, and position cybersecurity as a company-wide issue, not an IT task. With that set as a common focus, the fresh perspective should then be used to set data security policies, prioritizing, and only funding those that need enforcement.

This new approach should also include working with an MSSP to create a cost-efficient and centralized security strategy that guides the management of the ongoing cybersecurity operations that support and scale business operations. With a managed security provider available to tackle the everyday tasks of cybersecurity, organizations can redeploy precious financial and human capital assets to more critical, industry differentiating tasks.

If charting this new course seems appropriate for helping your company become more strategic about cybersecurity risk management, the new AT&T Cybersecurity solutions team can assist. AT&T Cybersecurity combines the strengths of the AlienVault Unified Security Management (USM) platform and the Open Threat Exchange (OTX) with the suite of managed cybersecurity services, solutions, and network visibility from AT&T to help protect businesses.

This combination also includes a global network of 24/7 operations centers that use a multi-layer defense approach to address cybersecurity risks in even the most complex environments. The 8 global AT&T Security Operations Centers, have more than 200+ petabytes of data crossing our network every day. This data enables AT&T Threat Intellect to provide more insights, more experts, and more tools to help protect you and your customers 24/7. Visit AT&T at RSAC19 or our cybersecurity services page.