Steve Caimi is a security specialist Cisco with nearly 25 years in cybersecurity. Peter Romness, cybersecurity principal at Cisco, brings over a decade of experience advising IT leaders in the U.S. government.
There’s no shortage of things to do in cybersecurity. 2020 in particular posed acute challenges for federal agencies as they pushed forward a range of new cloud-based tools to support and secure the remote workforce. Now, as IT leaders evolve their strategies for 2021, questions about security will be top of mind for many. For instance, which IT security practices contribute the most to successful mission outcomes?
The urgency to integrate, modernize IT security globally
Public sector leaders are not alone in their journey to improve security practices. Many of their peers across the public and private sectors are questioning their existing security programs and looking for the right tools to meet current and future needs. At present, we are all in a period of collective growth in our understanding of security, identity and access.
That is why Cisco recently partnered with the Cyentia Institute to conduct an expansive study of current security practices. The Security Outcomes Study correlates a wide range of security practices with program-level outcomes to see which practices are showing measurable results.
The study surveyed nearly 5,000 IT, security and privacy leaders from 25 countries to gain a clearer picture about where organizations are in their security journey. Our goal was to provide greater context into security outcomes so IT leaders can help their executives focus on a core cyber strategy for 2021.
Getting executive buy-in on security investments hasn’t always been easy; but IT leaders are least getting their attention, with more than half of respondents in the study reporting that IT security is very important to leadership. For federal agencies, this shift in perceptions can be attributed, in part, to an increase in concerns about cyberthreats that may hamper mission delivery.
The results showed us that a modern, integrated security approach is the best path toward securing the enterprise. Out of 275 possible combinations of security practices and their resulting outcomes, 45 percent showed a significant correlation — meaning a specific practice affected the likelihood of achieving a certain outcome.
Finding the most successful security practices
In all, respondents pointed to seven practices that best contribute to key security outcomes. Those include a proactive technology refresh, well-integrated technology, timely incident response, prompt disaster recovery, accurate threat detection, program performance metrics and the use of effective automation.
Most respondents who said their organization’s tech refresh strategy emphasizes proactive refreshes with best-of-breed IT and security technologies are 11%-to-15% more likely to report successful security outcomes.
However, this strategy isn’t always attainable in the public sector due to budget and procurement limitations. Fortunately, the findings indicate that if an organization doesn’t accomplish a timely a tech refresh, that won’t mean its security strategy will fail. Having a sufficient budget was one of the factors tested in the survey, and there was not a significant correlation with a strong security program.
This is good news for agencies. IT leaders can look at alternate success factors in the report that show measurable benefits for a great security program. Some of those include:
- Timely incident response, bolstered through preparation, smart tools and tested processes.
- The use of performance metrics to drive operations and clear reporting of that information to executive leadership.
- Good communication and collaboration between IT, development and security teams.
Additionally, the report suggests that finding a balance between strong governance, operations and an enterprisewide security strategy will ensure overall success of the program.
However, the findings indicate that achieving basic security practices may not be as easy as it sounds. Respondents report that fundamental practices still elude their organizations in areas like threat detection and vulnerability remediation, which were cited as less likely to be practiced.
Finding the right partners to work with
The results of the global pandemic have led all organizations to look more closely at cloud-delivered technology. And the security capabilities that fit this model need to support and deliver zero-trust capabilities at the edge, which includes automation for better detection, response and recovery in the event of a cyberthreat.
SecureX , for instance, is Cisco’s cloud-delivered, integrated security platform that delivers all these things. Secure access service edge (SASE) is a modern security solution that enables complete visibility, operational efficiency and workflow automation to speed detection, investigation and response for prompt recovery.
And SASE not only improves security, but also modernizes connectivity, which fits naturally into Cisco’s work with our federal government partners.
Though network partnerships, and our cybersecurity capabilities, that also means Cisco is keenly positioned to give federal agencies better visibility into what’s going on in their environment and provide better controls to take actions against threats quickly.
Learn more about how Cisco can help your agency build a cloud-ready network.