PANEL OF EXPERTS
What are the top concerns most industry-leading companies are facing in cybersecurity? Holschuh: When speaking with my peers and executive partners, ransomware is one of the concerns that always bubbles to the top. There are so many potential delivery vectors that it isn’t possible to protect against them all. IT systems have become so critical to operations that a long-term outage would significantly impact revenue and reputation. The knee-jerk reaction is to pay the ransom to restore operations, but that money is re-invested in creating new ransomware technologies that continue the cycle. Even if you have good prevention technologies and solid back- ups, the time it takes to restore impacted systems might be longer than the business can tolerate. These attacks generate a significant amount of money for the bad guys, so it’s no wonder it is so pervasive. Why are companies shifting more budget to security detection and response versus prevention? Mayger: On average, companies detect intrusions in three weeks. During this time, cybercriminals have ample opportunity to steal data, extend their reach across the network, or achieve persistence and escalate their privileges. According to an IBM study, the cost of a data breach in 2021 was $4.24 million. Consequently, security budgets prioritize detecting and responding to malicious activity before attackers get on networks and cause damage. Azzone: A major factor may be that traditional prevention technology typically aims at preventing known threats, while detection and response solutions are getting better at recognizing patterns of behavior for both known and unknown threats. These solutions can identify abnormal behavior that preventative software may entirely miss. It is critical for detection and response capabilities to quickly identify and respond to events, whether that be through automation or an effective Security Operation Center (SOC).
30 | Panel of Experts
Powered by FlippingBook