How to strengthen IT security with limited resources

Posted on 25 Oct 2024 by The Manufacturer
Partner Content

Cybercrime is on the rise. Yet many businesses lack the resources to defend themselves on a continuing basis. Marcin Figurski, Technical Director at Qodea, looks at practical ways to beef up cybersecurity without the need for major upfront investment. 

Why we need a smart approach to cybersecurity

The profile of cybercrime just keeps getting higher. The global cost is predicted to reach over $10 trillion a year by 2025, with most of the burden falling on businesses. In Qodea’s recent survey of IT decision-makers, 90% said that the risk and severity of attacks had increased in the past year. Although nearly all respondents had invested more in cybersecurity, 55% felt less secure than before. 

Despite all this, cybersecurity remains a reactive function for most businesses outside of the financial services industry, with resources typically activated in response to a breach. Few security teams have dedicated security operation centre (SOC) analysts. Instead, the role is often spread across DevOps or platform teams. And with business confidence relatively low at the moment, organisations are also investing cautiously in IT. 

This picture is reflected by research findings that reveal two-thirds of UK organisations have poor cyber-resilience strategies, and over one-third have been prevented by budget cuts from maturing their cyber defence teams. The result is overstretched teams at a time when, according to the World Economic Forum,  there’s an urgent talent shortage in cybersecurity.  

rel="nofollow"

With malicious attacks on the rise, an increasingly complex threat landscape and limited resources, the clearest path forward for most organisations is to focus on smarter use of existing resources. 

Five steps to security

Here are five practical ways in which manufacturing and industrial organisations could improve cyber-resilience without the need for significant investment in personnel or technology: 

  1. Implement a risk-based approach. This is a way to focus your resources. In a risk-based approach, an organisation decides what’s important to protect and then puts in place appropriate controls . So, rather than having to focus on every single alert, teams can concentrate resources on areas that present the highest risk to the business. If you don’t have a dedicated SOC resource, the right external expertise and tooling can help to put a risk-based approach in place.
  1. Use automation and orchestration tools. Security tasks can create “toil” – tasks that are repetitive, low-value, error-prone yet nonetheless necessary.  An analyst reviewing multiple alerts and applying the same remediation on many devices brings little value to either the business or the analyst . Automation and orchestration toil will reduce errors while freeing up staff for more valuable security tasks. 
  1. Better communication and collaboration around security. There’s an opportunity for security specialists to work more closely with your IT teams so that new applications and solutions are built “secure by design”, rather than considering security as an afterthought or a remediation.  Adopting a shift left approach bakes security into the development process while maintaining the velocity of your CI/CD pipelines. 
  1. Offer continuous training and development. This empowers your teams to secure your workloads in a way that can continuously improve your security posture.
  1. Leverage external expertise. If you lack the resources to drive security initiatives, external technology partners can help, in particular with managed security services that give you access to best-in-class security tools, technology and expertise.

Case study: Managed Security Service in action

Following a cyber incident in October 2022, a large retailer in the DACH region with 93,000 employees faced challenges in developing its security capabilities. The organisation had over 3,500 projects in Google Cloud and was experiencing around 80,000 security alerts but had no process in place for triage or vulnerability management. Qodea provided rapid onboarding, reducing critical misconfigurations and addressed challenges related to centralised security, decentralised services, and SIEM/SOAR deployment. The retailer has since experienced no further breaches and now has a security posture that’s fit for today’s challenging environment.  

Next steps

The biggest budgets typically get allocated to cybersecurity after there’s been a data breach. But given the huge financial and reputational costs that a breach can entail, it’s well worth investing earlier. Today, this doesn’t necessarily mean capex or headcount. You can improve your security posture to be fit for today’s landscape by applying the steps discussed in this article, and by leveraging the expertise of technology partners. 

To explore these issues in more depth, read Qodea’s 2024 report Tipping the Cyber Scales: How Defenders Can Get Back in the Game. And to learn more about how Qodea can help you in your cybersecurity journey, visit https://qodea.com/expertise/security/  


How to strengthen IT security with limited resources Author: Marcin Figurski, Technical Director at Qodea.

 

 

 

 


For more articles like this, visit our Digital Transformation channel.