After the recent cyber attack on SolarWinds and its downstream impact on public and private organizations, the priority being placed on cybersecurity is reaching new heights.
While most enterprises recognize the importance of cybersecurity in their business operations, many require a deeper understanding to establish effective security measures to minimize risk. In fact, studies have shown more than half of organizations are unprepared to manage the complex processes necessary to recover their systems after a malicious attack. This reality makes proactive cybersecurity planning a necessity in any enterprise environment. As a result, the market is moving towards Cybersecurity Resource Planning (CSRP), which provides a proactive approach to managing your cybersecurity program.
A CSRP tool helps manage your cybersecurity program by showing how your people, processes and technology are working, and answers the following:
- What people and tools are among your cybersecurity program resources?
- What networks, devices and software do you have?
- What systems, hardware and software are potentially at the greatest risk?
- What are your refresh and update plans?
- What methods do you use to identify vulnerabilities?
- What are your mitigation plans and steps for any identified threats or breaches?
There are many advantages to using a CSRP tool, but what are the top five?
A CSRP tool provides a single pane of glass view of your networks, systems, devices and data to ensure that every device is included and there are no gaps in coverage. Most organizations have multiple discovery and security tools, however each of these may only cover a portion of the networks or platforms. [CUT – repetitive: Often times, security teams have their own tools with people managing various platforms or networks, however there is no central hub like the CSRP offers.] A CSRP solution provides a central hub with complete information all in one place.
The process activities and how often we perform them are defined and documented in the CSRP tool. For instance, if x happens, how we handle x is documented. What if your organization experiences a breach, like the recent SolarWinds cyber attack? In this cybersecurity crisis, there was a process breakdown at one or more stages – the necessary preventative steps and safeguards were not in place. One result of such a breach is that the government and stockholders will come after you. If you have documentation of how your organization approaches cybersecurity to include your processes, it will be evident that you had well thought out preparedness plans and safeguards in place and that the breach was not due to carelessness or negligence, for what it’s worth.
When defining processes, it’s important to align with industry best practices and frameworks. A CSRP solution gives you confidence that every endpoint is covered by discovery or security tools and helps align your cybersecurity processes with best practice frameworks such as NIST Risk and Cyber, ISO 27001 and GDPR. For example, a framework will tell you the top ten things you should be doing and a CSRP tool will demonstrate how what you are doing fits into the broader framework. It’s very important to have this best practices reference. You are not locked into a specific framework and there is plenty of flexibility to add your own additional steps and activities.
Most security and risk frameworks require the identification of the role that each asset plays in a system. Infrastructure and Application Dependency Mapping visually depicts the connectivity between all devices and software applications, as well as their dependencies. It shows the mapping of every single asset and how it plays a part in a larger system or landscape.
An Audit and Risk Register supports the process of documenting potential risks to the organization’s network and data. These may be cyber threats such as malicious hacks, or other forms of risk such as employee error, falling for online scams, ransomware attacks and more. The register lists these potential threats and what would trigger them, which systems, assets and organizational functions may be impacted, and the probability of each threat occurring. This enables focused planning around prevention and mitigation response.
When it comes to CSRP tools, what are the best-of-breed solutions?
ClearArmor was a pioneering developer of Cybersecurity Resource Planning tools and maintains a unique and highly effective methodology. While the vast majority of today’s security tools are reactive, identifying potential or active security risks and chasing the issues, ClearArmor instills confidence with its comprehensive, proactive approach. You can plan ahead and know who needs to do what – and how – in order to maintain your defenses against cyber threats. When the CSRP is combined with the other functionality of the EracentArmored™ toolset, your organization can be prepared for and fortified against cyber attacks.