“The Under Armour Hack Was Even Worse Than It Had to Be” (Wired), “Russians Are Suspects in Nuclear Site Hackings, Sources Say,” (Bloomberg), “Equifax Hack Leaves Consumers, Financial Firms Scrambling” (The Wall Street Journal).
These days, it’s hard to look at the news without seeing disquieting headlines like these, and it’s no wonder, considering that data breaches are soaring—reaching an all-time U.S. high in 2017.
For most IT leaders, it’s not a question of “if” but “when.” From government to healthcare to financial services to entertainment, no sector is immune.
Cybersecurity Spending Habits
So what do companies do in the face of this imminent threat? They spend, and spend some more. This year, companies will spend $91 billion on security, more than a 10 percent increase from 2017. And yet, the global cost of data breaches is set to reach the trillions by 2019. Needless to say, the investment is not paying off.
To try and stave off breaches, companies are spending on network security (both hardware and software), endpoint security software, and technologies like device vulnerability assessment software, software vulnerability assessment, user behavior analytics, and UTM hardware. But many breaches can be prevented by a simple shift in mindset that prioritizes basic cyber hygiene principles, weaving them into the architecture of the business.
Protecting the ‘Crown Jewels’
These principles are not new, but they can be difficult to implement given the current approach to cybersecurity, which is to focus on the entire IT infrastructure rather than individual “crown jewel” applications. In the prevailing system, it’s easy to forget that the infrastructure is simply the means; the applications and data are the ends. Case in point: network security is still the largest category of security-related spending.
Recently, however, a world of possibilities has opened up thanks to advancements in cloud and mobile computing that enable greater automation and better use of resources. To learn about the five core principles of cyber hygiene and how they can help protect mission-critical applications, download “Core Principles of Cyber Hygiene in a World of Cloud and Mobility.”