A cybersecurity posture is essentially the total procedures, policies, and services that an organization uses to defend itself from cyber attack. Companies evaluate their security risk then develop policies, employee training procedures, and, if they have the resources, malware, virus, and other threat detection services, focusing on their most vulnerable assets.
In short, a cybersecurity posture describes an organization’s cyber threat readiness and identifies areas where this readiness can be improved.
A good cybersecurity posture keeps companies, their employees, their assets, their partners, their reputation, and their customers safe. At their best, they improve trust in companies that can show they take a proactive approach to keeping partner, employee, and customer data safety seriously. They also allow employees to work seamlessly, not sacrificing efficiency for safety—which is particularly important when most data breaches come from employee carelessness.
An effective cybersecurity posture begins with a cybersecurity risk assessment and company needs and goals. Once these have been laid out, companies can focus their attention on making plans and crafting policies. For instance, an established agro-tech company may want to expand its in-field robot fleet but may have an outdated malware and threat detection system. A good cybersecurity posture may recommend the company upgrade its threat management software before investing in more robotics. Or, it may lead executives to a new threat detection software system that is designed for remote IoT capable devices.
Employee knowledge and preparedness is another important data source. Continuous monitoring, along with some assessments like sending out suspicious emails to see if employees catch on, will help evaluate employee cybersecurity posture, and suggest education and training topics, if necessary.
Good cybersecurity posture systems incorporate a large amount of external data. Most of this data tracks website users and traffic. Some threat programs can identify suspicious behavior from website visitors, for example. IP addresses that don’t match a customer’s country of residence should also raise flags.
Other external data deals with third parties: business partners, software service providers, suppliers, and so on. While they may be run by trustworthy people, these companies may lack a robust cybersecurity posture themselves, which can put their partners and buyers at risk. Periodic audits of these organizations, then, should provide valuable data.
Finally, industry news is essential in this use case. Cyber attacks and scams constantly evolve, at a pace that sometimes seems to outstrip honest people’s ability to find defenses. Companies must, then, stay up to date on the latest trends and advances.
Additional external data that companies should find useful may include competitor analyses. Technographics, in particular, provide insight on what organizations in a market find important to invest in.
Customer sentiment and demographics may also be of interest. In general, customers like to feel they can trust their personal or financial data with companies they work with. Contacting customers to inform them of new cybersecurity policies or upgrades may improve customer relations and retainment.
Some challenges of building and maintaining a strong cybersecurity posture include price, employee management, and the fact that the field constantly changes. The fact that the field always changes, attackers always find new ways to breach defenses and steal data means policies, procedures, employee training, employee management, and software all need to be re-evaluated and updated periodically. This can be especially challenging when a company is on the smaller end.
The Defense Department has been pushing hard for digital modernization, but the massive hacking campaign that breached multiple federal government agencies via Solarwinds software has put some of its more nascent efforts at risk — namely software factories.
“This attack is a stark warning that our nation must bolster its cybersecurity posture and capabilities, and it must do so without delay,” wrote House Armed Services Committee Republicans Ranking Member Mac Thornberry (Texas), incoming Ranking Member Mike Rogers (Ala.), and four other members said in a statement Dec. 18.
Have I Been Pwned Domain Search lets users see if any email addresses on a particular domain have been caught up in any data breach
The RISI Online Incident Database tracks and rates (on a four-point scale) cybersecurity incidents, from viruses to remote access hacks
B2BSignals Cybersecurity Review is designed to help users to conduct research and comparison among cybersecurity solutions.
Data Security and Interoperability services provided by EcoSteer work to provide shareable data streams for businesses.
CBI Information Inc Cloud Security can deliver powerful threat detection, incident response, and compliance management services