With the threat of massive cybersecurity incidents looming large, it’s easy to overestimate the capabilities of today’s hackers.
The movies paint a slick picture of crafty, nimble geniuses, able to hack the mainframe from any computer terminal available. But the reality is, of course, different.
Sure, cyberattacks have been on the rise for many years, and have included numerous high-profile events that exposed the sensitive data of millions of people. Still, it turns out they’re relatively predictable. Most breaches aren’t carried out overnight, the vast majority reuse well-known exploits, and only 0.4 percent involve a zero-day (an attack that exploits a vulnerability before a patch for it exists).
Proactive, rather than reactive, security measures need to be taken for organizations to address security threats reliably. In this article, we talk to cybersecurity experts and delve into the latest research, all to figure out the cost of cybersecurity incidents, and how proactive cybersecurity practices and technologies—like threat modeling—can keep them at bay.
Necessity of a Proactive Cybersecurity Approach.
In no uncertain terms, today’s organizations are far behind in cybersecurity preparedness. Exactly how far behind? Over the past several years, businesses have begun taking a more proactive approach to cybersecurity, but adoption has been painfully slow.
That’s cause for concern, seeing as how an IBM study revealed that 48 percent of surveyed IT security practitioners reported a data breach that resulted in the loss or theft of more than 1,000 records, “containing sensitive or confidential customer or business information.”
It’s like a bank setting up a safe and not a security camera.
And what organizations are doing to defend themselves doesn’t seem to be working — 69% of surveyed SMBs reported that an attack got past their intrusion detection system.
All the more concerning is the high cost of cybersecurity breaches. Small and medium-sized businesses spend an average of $1.2 million in the wake of a cybersecurity incident (including costs associated with the disruption of business), with total damages amounting to $1.9 million. For enterprises, a 2019 IBM study put the cost of a data breach at $3.92 million.
Considering the high cost of remediation relative to prevention, integrating security considerations into product development works out to be a surprisingly cost-effective strategy and greatly improves the bottom line.
“Remediation means spending a lot of time and money to get back to square one,” says Alex Bauert, Sr. Director of Threat Intelligence at ThreatModeler. “It’s the same thing as getting seriously sick; if you wait forever before going to the doctor, you both risk your sickness getting more serious, and your recovery taking longer.”
Proactive Security Requires a Continuous Effort, Planning, and the Right Technology
Ultimately, proactively addressing cybersecurity risk requires the right technological approach, and that approach must be based on the threats you actually face. In planning, take inventory of your assets and categorize them by type and value. Once you’ve identified your most valuable assets and the greatest threats to them, the right solution becomes clearer.
Proactive cybersecurity also extends beyond a one-time check-up. “The greatest challenge of proactive cybersecurity is that, unlike the reactive one, it can’t be sporadic,” said Alex Paretski, Knowledge Manager at software development company Itransition.
Rather, proactive cybersecurity is a continuous process. Your work isn’t finished once a network-wide security plan is in place; instead, business operations and ongoing product development should be conducted with cybersecurity in mind from the earliest stages of development.
Amongst today’s engineers, however, security may be considered an afterthought at best, and a wholesale impediment, at worst.
Despite that, organizations should build security operations into their development cycles (DevSecOps). A combination of threat modeling, security assessment, penetration testing and code review should be implemented so that security-minded engineers can spot and resolve security problems early, ideally long before production.
“Every change within a piece of software or a network should be followed up with relevant security activities revealing how the applied modifications have impacted the overall security state of a solution or the entire environment,” says Paretski.
To Protect Your Organization Proactively, Shore Up Security on Your Most Vulnerable Assets.
Threat modeling has emerged as a viable answer to the ever-increasing array of cybersecurity threats. It works by analyzing IT applications, infrastructure and networks for threats against predefined security objectives, and lays out countermeasures to prevent attacks and/or mitigate damage.
This positions threat modeling as a valuable process in proactive cybersecurity. Not only does it aid in identifying and mitigating threats; the process also trains developers to consider security issues during builds. After learning that data in transit can and should be protected with TLS (HTTPS) to avoid exposure, for instance, they’ll be that much more effective at securing their applications in the future.
“The bottom line is that threat modeling leads to a discussion,” said Brandon Jeanmarie in a Security Intelligence article. “Discussions lead to the exchange of knowledge and knowledge leads to better execution.”
What’s more, threat modeling delivers added value as it is executed consistently and repeatedly (the process can also be automated, more on that later). Often, when threat modeling is conducted on a consistent basis throughout an organization’s application portfolio, secure design patterns begin to emerge that can be documented and leveraged by application development teams.
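To make the process described above concrete, here is a small worked example, added for this article and not taken from ThreatModeler or any other vendor: it applies the standard STRIDE-per-element mapping to a tiny data-flow model (elements in trust zones plus the flows between them), consults a constructed countermeasure library, and ranks unmitigated threats. The sample model (a browser, a web API and a database), the element and flow names, and the countermeasure text are all constructed for the illustration. It also encodes the in-transit point from the paragraph above: a flow that crosses a trust boundary without encryption surfaces as a high-priority information-disclosure threat.

```python
"""Minimal STRIDE-per-element threat enumeration over a data-flow model.

Added illustration; not ThreatModeler's engine or any vendor code. The
STRIDE-per-element table is the standard mapping; everything else here
(countermeasure library, sample model, priority rule) is constructed.
"""
from dataclasses import dataclass

# Standard STRIDE-per-element: which threat categories apply to which kind of element.
STRIDE_PER_ELEMENT = {
    "external":  {"Spoofing", "Repudiation"},
    "process":   {"Spoofing", "Tampering", "Repudiation", "Information disclosure",
                  "Denial of service", "Elevation of privilege"},
    "datastore": {"Tampering", "Repudiation", "Information disclosure",
                  "Denial of service"},
    "flow":      {"Tampering", "Information disclosure", "Denial of service"},
}

# Constructed countermeasure library, keyed by (element kind, STRIDE category).
COUNTERMEASURES = {
    ("flow", "Information disclosure"): "Encrypt the channel with TLS (HTTPS)",
    ("flow", "Tampering"): "Authenticate and integrity-protect messages (TLS, MAC or signature)",
    ("flow", "Denial of service"): "Rate limiting and timeouts on the receiving side",
    ("process", "Spoofing"): "Authenticate callers (mTLS or signed tokens)",
    ("process", "Elevation of privilege"): "Validate input; run under a least-privilege account",
    ("datastore", "Information disclosure"): "Encrypt at rest; restrict access to the owning service",
    ("datastore", "Tampering"): "Write access only via the owning service; audit changes",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # "external", "process" or "datastore"
    zone: str   # trust zone; a flow between different zones crosses a trust boundary


@dataclass(frozen=True)
class Flow:
    name: str
    src: str
    dst: str
    encrypted: bool      # confidentiality protected in transit
    authenticated: bool  # origin and integrity protected in transit


@dataclass(frozen=True)
class Threat:
    target: str
    category: str
    priority: str        # "high" or "medium"
    mitigated: bool
    countermeasure: str


def enumerate_threats(elements, flows):
    """Apply STRIDE-per-element to every element and every flow of the model."""
    zones = {e.name: e.zone for e in elements}
    threats = []
    for e in elements:
        for cat in sorted(STRIDE_PER_ELEMENT[e.kind]):
            threats.append(Threat(e.name, cat, "medium", False,
                                  COUNTERMEASURES.get((e.kind, cat), "to be decided in review")))
    for f in flows:
        crosses_boundary = zones[f.src] != zones[f.dst]
        for cat in sorted(STRIDE_PER_ELEMENT["flow"]):
            # Encryption covers disclosure, authentication covers tampering;
            # nothing in the model automatically mitigates denial of service.
            mitigated = ((cat == "Information disclosure" and f.encrypted)
                         or (cat == "Tampering" and f.authenticated))
            priority = "high" if crosses_boundary and not mitigated else "medium"
            threats.append(Threat(f"{f.name} ({f.src} -> {f.dst})", cat, priority,
                                  mitigated, COUNTERMEASURES[("flow", cat)]))
    return threats


def open_threats(threats):
    """Unmitigated threats, highest priority first."""
    order = {"high": 0, "medium": 1}
    return sorted((t for t in threats if not t.mitigated),
                  key=lambda t: (order[t.priority], t.target, t.category))


# Constructed sample model: a browser talking to a web API that queries a database.
SAMPLE_ELEMENTS = [
    Element("Browser", "external", "internet"),
    Element("Web API", "process", "dmz"),
    Element("Orders DB", "datastore", "internal"),
]
SAMPLE_FLOWS = [
    Flow("login", "Browser", "Web API", encrypted=True, authenticated=False),
    Flow("order query", "Web API", "Orders DB", encrypted=False, authenticated=True),
]

if __name__ == "__main__":
    for t in open_threats(enumerate_threats(SAMPLE_ELEMENTS, SAMPLE_FLOWS)):
        print(f"[{t.priority:6}] {t.target}: {t.category} -> {t.countermeasure}")
```

Running it lists the four boundary-crossing, unmitigated threats first: the unauthenticated login flow (tampering, denial of service) and the unencrypted database query (information disclosure, denial of service). Re-running the same enumeration after every architectural change, as the quote above from Paretski recommends, is what turns a one-off review into the continuous process the article describes; the recurring countermeasures are the "secure design patterns" that can be documented and reused.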
ThreatModeler is a Collaborative Tool That Automates Threat Modeling.
ThreatModeler is an automated threat modeling tool that greatly simplifies and streamlines the threat modeling process, and it’s built for collaboration. The application’s core functionality, driven by the Intelligent Threat Engine, uses application architectural data to identify threats to each component. The Intelligent Threat Engine draws on leading best-practice and compliance resources to evaluate an organization’s security posture.
Once threats are recognized, they’re compared against an ever-growing threat library that gathers information in the form of security requirements, test cases, threat agents, code review guidelines and code snippets: essentially, all the data you need to prioritize security work and reduce exposure to risk.
Proactive Cybersecurity is Proportional Response to Ongoing Risks.
While it may appear complex at first, proactive cybersecurity is the natural next step toward addressing each risk at its source. The sooner you address a security issue, the cheaper and easier it is to fix.