Firms need stronger metrics and skills to outpace cyber threats
With cyber threats constantly growing in frequency and intensity, organizations need much stronger metrics and cyber security skills to mount a proper defense.
That is one of the key findings of a new report from industry association CompTIA, which says that a greater reliance on metrics to measure success combined with enhancing skills across security teams are among the best ways to help organizations boost their cybersecurity effectiveness.
In its report, “2018 Trends in Cybersecurity: Building Effective Security Teams,” CompTIA explores what organizations are doing to secure data and handle privacy concerns in an environment that has grown in complexity. Specifically, the report looks at the ways that companies are forming teams around security, using both internal resources and external partnering. Four hundred U.S-based business participated in the survey.
The use of security metrics to measure success and inform investment decisions is an area that’s taking on greater importance, according to the report.
“Though just one in five organizations makes heavy use of metrics within their security function, a full 50 percent of firms are moderate users of these measurements,” said Seth Robinson, senior director for technology analysis at CompTIA.
“The use of metrics in the cybersecurity realm provides an excellent opportunity to bring together many parts of the business,” Robinson continued. “From the board level through layers of management down to the people executing security activities, all have a vested interest in setting the proper metrics and reviewing progress against goals.”
Robinson advised that the most important guideline for establishing security metrics is to make sure that all aspects of security are covered. This should include:
- Technical metrics, such as the percent of network traffic flagged as anomalous.
- Compliance metrics, such as the number of successful audits.
- Workforce metrics, such as the percentage of employees completing security training.
- Partner metrics, such as the number of external agreements with security language.
Upskilling Security Teams
The use of security metrics and the formation of security teams should be viewed as complementary activities, though for many organizations some upskilling will be necessary, Robinson explained.
"Foundational skills such as network security, endpoint security and threat awareness still form the bedrock of a strong team,” Robinson said. “But as the cloud and mobility have become ingrained into IT operations, other skills have taken on equal or greater importance.”
In order to acquire the security skills organizations require, many are primarily looking to train current employees or expand their use of third-party security expertise. New hires and new partnerships are usually secondary considerations, Robinson explained.
When it comes to the use of external resources, 78 percent of companies rely on outside partners for some or all of their security needs. Many firms rely on more than one partner, another indicator of the complexity of cybersecurity, Robinson explained.