Cyber risk management: 5 cyber threats and their solutions

By: Eric Vanderburg, Microsoft Guest Author

As we look back on a succession of headlines about data breaches and security lapses at some of the world’s largest companies, we find a consistent theme. Attackers have continued to improve their techniques, requiring companies to compensate and raise the bar on cybersecurity. However, there are still several gaps that CSOs should address to avoid the headlines in the future.

1. Information overload

The average company is adept at storing information but much less proficient in using it. There is so much data out there that many find it difficult to separate the signal from the noise. This is only magnified by the scale and reach of today’s companies.

Some SecOps teams suffer from false positive fatigue. It is a common ailment resulting from repeated instances where security alerts turn out to be false alarms. False positive fatigue dulls the senses and makes teams less likely to respond with vigilance when receiving real alerts.

Companies in this condition have seen success by triaging security information. Modern security software can do a lot to reduce the false positives with baselines, thresholds, and heuristics. Such systems are only as good as the data they are based on, but today’s systems can make use of significant historical and current operational data to make better decisions. This reduces the false positives and usually results in fewer false negatives as well. Such software ultimately minimizes the strain on SecOps teams, allowing them to perform at their best.
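To make the baseline idea concrete, here is an added example (not from the original article) that compares one fixed threshold with a per-host baseline built from historical data. The host names, counts, and limits are constructed for illustration.

```python
from statistics import mean, pstdev

# Constructed sample data: failed-login counts per host for the last 7 days.
HISTORY = {
    "batch-svc01": [480, 510, 495, 505, 490, 500, 520],  # noisy retrying service
    "hr-laptop07": [1, 0, 2, 1, 0, 1, 2],                # quiet workstation
    "web-front02": [30, 28, 35, 31, 29, 33, 32],
}
TODAY = {"batch-svc01": 515, "hr-laptop07": 40, "web-front02": 34}

STATIC_THRESHOLD = 100  # assumed: one fixed limit applied to every host
Z_LIMIT = 3.0           # assumed: standard deviations above baseline to alert
MIN_SPREAD = 1.0        # floor so near-constant hosts do not alert on +1

def static_alerts(today, threshold=STATIC_THRESHOLD):
    """Alert on any host whose count exceeds the single fixed threshold."""
    return sorted(host for host, count in today.items() if count > threshold)

def baseline_alerts(history, today, z_limit=Z_LIMIT):
    """Alert only when today's count is far above that host's own history."""
    alerts = []
    for host, count in today.items():
        past = history.get(host)
        if not past:
            # No baseline yet: fall back to the static rule for this host.
            if count > STATIC_THRESHOLD:
                alerts.append((host, None))
            continue
        mu = mean(past)
        sigma = max(pstdev(past), MIN_SPREAD)
        z = (count - mu) / sigma
        if z > z_limit:
            alerts.append((host, round(z, 1)))
    return sorted(alerts, key=lambda alert: alert[0])

if __name__ == "__main__":
    # Static rule: flags the always-noisy service (false positive) and
    # misses the workstation that jumped from about 1 to 40 (false negative).
    print("static  :", static_alerts(TODAY))
    # Baseline rule: suppresses the noisy service, surfaces the workstation.
    print("baseline:", baseline_alerts(HISTORY, TODAY))
```

The same day of data yields one alert under each rule, but only the baseline rule points the team at the host whose behavior actually changed.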

2. Insufficient integration

Another problem is the insufficient integration between security systems and systems management tools. Companies still struggle to transform independent silos of security information into a cohesive matrix of integrated systems containing security insights and metrics. It is not enough to deploy security systems if they do not work together. Companies must also combat their technology sprawl, consisting of various on-premises and cloud systems. In such a complex environment, it is easy for valuable information to fall through the cracks. This is one factor leading to attacker persistence on networks. Currently, attackers remain on a network for an average of 146 days before they are identified.

About the author

Eric Vanderburg is a cybersecurity leader, consultant, author, and thought leader. He is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications. Eric regularly presents at conferences, seminars, and events.
