Data breaches, malware attacks, insider threats, and smart device hacking have all defined 2019’s list of cybersecurity threats. Along with this, the State of Cybersecurity 2019 report by ISACA found that 69% of respondents said their cybersecurity teams are understaffed. The report also found that it can take six months or longer to fill cybersecurity vacancies. These challenges will continue to plague organizations in 2020 if proper action isn’t taken. It’s very important for businesses to take time to develop a sound cybersecurity plan for 2020. Here are five factors to help develop a strong plan for the upcoming year.
Setting the Budget
Many businesses are already planning to take the necessary step to increase data security by increasing their cybersecurity budget. A study found that 76% of organizations plan to increase cybersecurity budgets in 2020 with the largest number of U.S. participants indicating an increase of 10% or more to the budget. These larger budgets will be put towards staff additions, updating security technology, cybersecurity education resources, and AI research.
It should be a top priority for CISOs to analyze the current state of cybersecurity within their organization and identify what weaknesses need to be addressed with the board before the start of the new year.
Transitioning to the Cloud
Moving to cloud technologies can be a tricky step for many companies. However, cloud capabilities can be very beneficial in long-term security success. Over 44% of global respondents expressed that some variation of their environment had been transferred to the cloud with 17% expressed full cloud deployment. Cloud computing leverages networking technologies and virtualization to structure networks more efficiently. The primary goals of transitioning to the cloud are securing the network, backing up data, and making information accessible to the appropriate personnel.
Establishing Multifactor Authentication
As 2020 approaches, we could begin seeing the dismantling of passwords. New security technologies are being developed alongside multifactor authentication (MFA) that will provide stronger security than passwords. Organizations that are not already using this form of security should strongly consider making it a priority for the new year. User credentials are being stolen on a daily basis. Adding two or more authentication factors ensures that the network is secure even if one set of credentials is compromised. In 2019, MFA was instrumental in preventing an array of phishing campaigns, and brute force attacks. As more organizations add this layer of security, this trend should continue in 2020.
The first step in consolidating data is to understand where data is entering the network and how it is being stored. Multiple entry points and storage techniques can expose an organization to more risks. Companies that identify holes in data management should consider consolidating data by limiting entry points, storage locations, and accessibility. This will reduce issues involving data duplication and cost associated with managing multiple databases.
Assessing the Risk
One final factor to consider is outsourcing a risk assessment test. This ensures that every gap that could potentially result in a breach is filled. Organizations must take the extra step to ensure that they are covered in every area. This includes reviewing policies and procedures, reviewing network architecture, reviewing physical security, reviewing backup and recovery procedures, reviewing disaster recovery and incident response plans, and creating a gap analysis. Starting 2020 with a risk assessment can help CISOs and security professionals sleep better at night, knowing that their organization is taking every precaution to make 2020 a safe and successful year.