Although cybersecurity incidents are daily news, with reports of escalating impacts and costs that are sometimes measured in the billions, at least one survey has identified new reasons for optimism.
According to the Global State of Information Security Survey 2016 from PricewaterhouseCoopers (PwC), the vast majority of organizations—91%—have adopted a security framework or, more often, an amalgam of frameworks.
The most frequently followed guidelines are ISO 27001, the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and SANS Critical Controls. Respondents say adoption of these types of guidelines enable them to identify and prioritize threats, quickly detect and mitigate risks and understand security gaps.
A risk-based framework allows companies to better communicate and collaborate on cybersecurity efforts, internally and externally. These frameworks also can help businesses design, monitor and measure goals toward an improved cybersecurity program. And many say that risk-based standards have helped ensure that sensitive data is more secure.
In another extremely positive trend, PwC noted that technology advances can dim the focus on the cybersecurity competencies and training of people. So it is encouraging to find that top security executives and Boards of Directors are playing increasingly prominent roles.
This year, 54% of respondents reported they have a CISO in charge of their security program, and 49% have a CSO. Today’s CISO is a business manager who should have expertise not only in security but also risk management, corporate governance and overall business objectives.
Also, 46% of survey respondents said their Board participates in information security budgets, which may have contributed to this year’s significant boost in security spending. Other notable outcomes include identification of key risks, helping foster an organizational culture of security and better alignment of information security with overall risk management and business goals.
Also, the report noted that 59% of respondents leverage Big Data analytics to model and monitor for cybersecurity threats, respond to incidents, and audit and review data to understand how it is used, by whom and when.
This is important, considering that a data-driven approach can shift cybersecurity away from perimeter-based defenses and enable organizations to put real-time information to use in ways that can help predict cybersecurity incidents. Data-driven cybersecurity allows companies to better understand anomalous network activity and more quickly identify and respond to cybersecurity incidents.
Some businesses are combining Big Data with existing security information and event management (SIEM) technologies to generate a more extensive view of network activity. Others are exploring the use of data analytics for identity and access management to monitor employee usage patterns, flag outliers and identify improper access.
And finally, speaking of data sets, another positive trend is partnering up to sharpen security intelligence. Over the past three years, the number of organizations that embrace external collaboration has steadily increased, the report found. This year, 65% of respondents said they collaborate to improve cybersecurity and reduce cyber-risks, up from 50% in 2013.
And those that do work with others cite clear benefits. Most organizations say external collaboration allows them to share and receive more actionable information from industry peers, as well as Information Sharing and Analysis Centers (ISACs), government agencies and law enforcement. Many also say information sharing has improved their threat awareness.