Ransomware Task Force as part of an effort to improve cybersecurity with small to medium enterprises has published a Blueprint for Ransomware Defense framework that is based on controls defined by the Center for Internet Security. (CIS). The principal goal of the effort is to make it easier for organizations that have limited resources to at least have a base level standard for attaining and maintaining information security.
The framework itself, as such, doesn’t include any guidance that most cybersecurity professionals would not already know. However, it does define a set of 40 vendor-neutral recommendations in the form of Foundational and Actionable Safeguards in a way that is easy to comprehend. Nearly 70% of the Actionable Safeguards recommended in the framework address issues such as implementing and managing firewalls, managing removable media security, and deploying and managing anti-malware software.
The perennial problem when it comes to cybersecurity within smaller organizations is they simply don’t have the expertise currently required. Most of these organizations are relying on a small team to manage all of their IT operations. The amount of time they can allocate to mastering multiple cybersecurity tools and platforms is limited. The fact that there needs to be a blueprint for these organizations only serves to highlight the scope of the challenge. Most cybersecurity tools and platforms are designed to be managed by individuals that have a fair amount of expertise. The fact that so many smaller organizations have little more than anti-malware software and firewalls is telling. The cybersecurity industry as a whole clearly needs to collectively drive toward simplicity.
Of course, there’s already no shortage of cybersecurity automation tools but, again, the bulk of those offerings are designed to be managed by a dedicated security operations team. The next era of automation needs to be squarely focused on making cybersecurity dead simple to both attain and maintain.
In fact, this is not an issue limited to smaller organizations. As larger enterprises rely more on IT teams to manage security operations, there is a similar pressing need to streamline processes. In fact, a survey of 280 cybersecurity professionals conducted by the research firm Enterprise Strategy Group (ESG) on behalf of the Information Systems Security Association (ISSA) found nearly half (46%) of respondents work at organizations that either plan to (25%) or are currently consolidating (21%) the number of security vendors they rely on. More than half of respondents (53%) said they usually purchase—or will purchase in the future—security technology platforms rather than best-of-breed products. The most common benefits of consolidation cited by survey respondents were operational efficiencies realized by security and IT teams (65%), tighter integration between previously disparate security controls (60%), and improved threat detection efficiency (51%).
The challenge, of course, is that simplicity cannot come at the expense of cybersecurity. The primary reason so many organizations today fall victim to ransomware attacks is that the tools and platforms they are being asked to defend themselves with are beyond their ability to master. Until the cybersecurity industry collectively solves that problem the ransomware scourge is likely to continue unabated.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.