Hero Panel Image

EDITOR'S PICK

Are you ready for the great cybersecurity RESET?

Share:
Phil Armstrong

Phil Armstrong

CIO

Great-West Lifeco, Inc. (former)

Oct 4, 2021

Business leaders can improve the effectiveness of cybersecurity spend by increasing adaptability, responsiveness, and coverage capabilities. But how? Enter the "great cybersecurity RESET."

Have you heard about the “great cybersecurity RESET” yet? 

The reset is a new wave of activity and an emerging global trend centered around cybersecurity planning. Businesses around the world have waged an all-out war against the nefarious attempts of extortion, ransom, and fraud perpetrated by cybercriminals to the tune of hundreds of billions of dollars. The cybersecurity industry has changed beyond recognition to evolve and match shifts in technology, such as cloud, 5G, artificial intelligence, Internet of Things (IoT), mobile, and edge computing. Systemic cybersecurity challenges have crept up to the top of agendas across domestic and international politics with the realization that cyber resilience is a public good. 

The emergence of new business models indelibly shaped by ubiquitous access, a proliferation of start-up companies challenging standards and norms, and the Covid-19 pandemic has also sowed and fertilized the seeds for the great reset. To add to the challenge, cybercriminals have organized into cooperative cells on the dark web, collaborating to profit from their tools by selling ready-made hacking kits. The criminals now use increasingly sophisticated technologies such as AI to ply their trade. As their sophistication increases, so does the sophistication and cost of the tools required to thwart and mitigate their efforts. 

For many small- to medium-sized companies, the cyber defense budget is a growing concern because it drives up the cost of doing business eroding margins and profitability. Perhaps more disturbing is the efficiency at which the criminals can now operate. They target weak, ill-prepared, and vulnerable business organizations. We’ve seen triple-digit percentage increases in ransomware attacks, earning status as a global plague. This endeavor would not be sustained if it were not yielding results.  

Most companies have invested in cyber defense tools that range from anti-virus, endpoint detection, identity and access management, virtual private networks, password vaults, network segmentation, data encryption, and two-factor authentication. Spending fatigue is present within management teams and boards as they struggle to balance the need for risk mitigation with the expense and opportunity cost. 

Traditional defenses and tools fit into an architecture that has served us well. Today though, this outdated and vulnerable architecture has run its course. Over the next eighteen months expect to see technology and business leaders pushing for newer, more effective, and sustainable solutions. They want to see cybersecurity architecture with the following attributes:

  1. Adaptable to change to offer a greater return on the investment with a longer effective shelf life
  2. Designed to leverage prior investments that were difficult to embed within the organization
  3. Cost-effective and can deliver business flexibility
  4. Integrated across an ecosystem of options, technologies, and partners

Technology leaders are demanding a plan that incorporates everything that we have learned so far. It is as if the world is taking stock and approaching this time as an opportunity to RESET. Reset the thinking, the design, the coverage, the spending patterns, the maintenance costs, the complexity, the partners engaged, and the effectiveness of integration. The great cybersecurity RESET is happening globally. In the wake of the pandemic, technology and business leaders are asking: How can we set up our company for future success? How can we futureproof our innovation and create the right environment for growth?

Zero Trust is the dominant architecture powering a Secure Access Service Edge (SASE) ecosystem

My instincts tell me that the great cybersecurity reset will become a trend over the next 18 months as companies look to reposition their cyber approach and defenses. Perhaps we’ll see a new hashtag spread (#C-RESET) and communities rising to discuss and share progress in this important field? It is still early, but the momentum is shifting to a zero trust architecture (ZTA) powered by the cloud. Several technologies, solutions, and companies can plug into a ZTA model using an open architecture facilitated by APIs. This ecosystem provides responsive, sustainable, and adaptive coverage and protection. 

Unprecedented cooperation and collaboration 

The reset is forcing business leaders to collaborate with technologists and the cyber team who need to coordinate the network engineers, telco engineers, IT risk management professionals, infrastructure teams, application development teams, finance, and operations teams in ways that have not been seen in the past. You hear terms like Bus/Dev/Sec/Fin/Ops being mentioned in a tongue-in-cheek manner. But this refers to a level of coordination and cooperation previously unseen, this is the new reality for many companies.

Vendors, suppliers, and solution partners can feel the immense opportunity emerging from this amount of change within the industry. With a myriad of options and choices, technology leaders will need to plan and select key partners wisely. Some will ignore this chance to reset at their peril. There is an element of confusion in the industry with the emergence of new acronyms, and different partners all fighting for attention. There will be some important decisions ahead.

It is a critical, exciting, and challenging time ahead for many of us, but the great reset has begun. Pay attention to this space and watch for the emergence of the great reset as our industry adapts to this new normal.

What to read next 

The anchor of legacy debt

CIOs are caught in a perfect storm: Navigate with Zero Trust

“Saving Face” as a CISO: Let Zero Trust accelerate change

 

Recommended