Democratizing Cybersecurity: Prevention is Better than Detection

By Shambhulingayya Aralelemath, Associate Vice President and Global Delivery Head, Cybersecurity, Infosys

An exponential increase in cyberattacks, the prevalence of cyber threats, and the expansion of attack surfaces require the adoption of comprehensive steps for safeguarding enterprises from breaches. Companies are continuously deploying more and more cybersecurity tools to improve their security posture. Despite this, enterprises continue to get attacked. The challenge of falling short of achieving the optimal security posture is amplified by a lack of skilled talents who can effectively configure the tools for achieving the best outcomes. As a result, security is perceived as a stumbling block that slows down the pace of digital transformations.

However, cybersecurity is not the responsibility of a few skilled individuals or the CISO security office team alone. Instead, an effective security posture mandates the adoption of a shared security responsibility model, which is enabled by the democratization of cybersecurity. It facilitates the interlinking of secure-by-design principles with business-centric architecture and determines the effectiveness of the deployed security controls. Further, it bridges the talent gap with the enablement of cross-functional teams to deliver the security requirements, as per the shared responsibility model.

The democratization of cybersecurity amalgamates user experiences with outcomes of the deployed security controls and tools. The approach of enabling enterprise workforce on security best practices, making them aware of non-secure behavior, and providing a construct for being responsible by design in the use of frameworks helps in reducing the friction in homogenous adoption of cybersecurity controls across an enterprise.

The framework for the democratization of cybersecurity in an enterprise should be curated to derive quantifiable metrics that can establish an empirical correlation between the business risks and the maturity of the security posture. However, the metrics may not provide efficient insights if there is a lack of visibility of the complete attack surface of an enterprise. One can build the foundation for successful democratization of cybersecurity by using appropriate tools, policies, processes, and people skills that help with the ability to observe, protect, detect, and respond to cyber threats.

The rollout of a security-first culture aligned with the shared responsibility model helps reduce dependency on the availability of niche skilled cybersecurity experts. It enables everyone to contribute to the protection of an enterprise’s digital ecosystem. Enterprises can keep pace with the continuous, dynamic threats by adopting the shift-left of security principles and automation in implementing security control, policies, and compliances integrated with AI and machine learning principles.

For example, the security posture is strengthened through centralized collection and normalization of real-time telemetry data from existing security tools and control points, analyzed with machine learning techniques to detect anomalies, and integrated with automation capabilities to accelerate response to incidents.

Some of the key features for the successful orientation of the security transformation approach include:

Secure By Design: It requires mapping business prerogatives with the enterprise security architecture and ensuring minimalistic, yet effective controls are designed and implemented across the lifecycle journey of any technology deployment (for example, the rollout of modern workplace capabilities) in an enterprise. The Secure by Design framework lays the foundation for the cybersecurity shared responsibility model.

Visibility of attack surface: Enterprises suffer from cyber threats that attack assets that are not protected due to lack of visibility. Processes defined to bring about observability of all enterprise assets that exist on-premise, on-cloud, or are SaaS-based ensure the elimination of blind spots in managing attack surfaces.

Protection with cybersecurity controls: The security controls ensure that the enterprise is adequately protected from cyber threats, and effective guardrails are enforced to prevent the occurrence of cyber incidents. The controls to be deployed are aligned with the Enterprise Security architecture and conform to the applicable regulatory and compliance standards (for example, NIST CSF, ISO 27001, CSA CCM, and more)

Integration and interoperability of cybersecurity controls: Adoption of architectural principles like Cybersecurity Mesh Architecture (CSMA) enables the implementation of security controls with composability and contextual correlation across heterogeneous technology interfaces.

Detection and response to cyber incidents: Continuous monitoring, identification of threats, and ability to respond to cyber incidents help enterprises be ready to address any cyber incident. This also includes the ability to perform the root cause analysis for cyber incidents and perform correlation with historical data to enable effective remediation.

Thus, we recommend a structured approach to the democratization of cybersecurity by leveraging the shared responsibility model and defining technology patterns for strengthening the integration of multiple cybersecurity tools. An enterprise that has succeeded in this endeavor can respond effectively to emerging cyber threats.

CybersecurityInfosys
Comments (0)
Add Comment