Followers of this series are now well aware that SolarWinds MSP released the results of a survey into the cybersecurity preparedness of businesses last month—you can read the full story here.
As part of this process, we uncovered seven key areas where the survey data showed that companies were quite obviously failing in their approach to security. This series of posts sets out to examine these areas, one by one with a view to helping companies, managed service providers (MSPs), and other IT professionals to make serious inroads against the growing landscape of security threats.
This week’s blog focuses on how companies are opening themselves up to cyber security breaches by being by inflexible when it comes to adapting to attacks and changing their defences accordingly.
In the aftermath of a security breach, it seems logical that companies would want to look at where any holes in their system had been identified, and then look to implement technology or processes to help protect any gaps. Not in a “bolting the stable door” way, but as part of an integrated, overall strategy to try and continually improve their cyber defences.
Surprisingly, our survey found that out of the 400 companies across North America and Europe, this doesn’t appear to be the case with the majority of survey respondents.
Following a breach—which as we found earlier was experienced by 71% of respondents—only 44% of respondents said they had implemented any new technology, and just 41% said they changed their processes. We did discover that 42% start looking into new technology, but worryingly 14% of respondents said they actually purposefully did nothing at all.
It’s this latter statistic that is the most alarming; surely after the pain and potential loss from a security breach companies would want to look at a stronger prevention strategy. One theory for this is that perhaps the technical departments of these businesses are completely overwhelmed or maybe obsessed with the projects that the company is already trying to deliver.
If these companies are not comfortable managing a suitable response to a data breach, or to architecting a solution to help protect that company in the future, this is where MSPs can play a huge role. They can be the catalyst for change acting as the fire department helping businesses that are recovering from a data breach scenario. MSPs have the skillset and knowledge to become a trusted advisor and help companies craft change in these organizations, designing systems and responses to help companies overcome past security failures.
The battle against cyber crime is ongoing and only by learning from our past mistakes and proactively preparing can we hope to secure our networks in the future.
Last week’s blog post look at how companies’ “Complacency” and a lack of robust reporting are affecting the security landscape, click here to read the article.
Click here to find out more about how SolarWinds MSP can help you with your layered security