Cybersecurity Blogs

Want to improve cyber security? Too many tools aren’t the solution!

Cyber-attacks pose a serious and ever-increasing risk to any organization. IBM Security has found that 51 percent of organizations have experienced a significant disruption of business operations due to a cybersecurity incident in the past two years. In response, organizations are taking more and more measures to make themselves resilient and improve cyber security. Nevertheless, IBM concludes current precautions are often still inadequate.

IBM conducted a study among more than 3400 organizations, including hospitals, banks, and government institutions worldwide. It provides insights into the measures companies take and the results they achieve. For example, 26 percent of the organizations indicate that they have a company-wide Computer Security Incident Response Plan (CSIRP). In addition, organizations have 45 different security solutions and technologies on average in use.

improve cyber security

More isn’t always better

Yet, more tools don’t necessarily result in better security. 30 percent of companies use over 50 security solutions and technologies; the excessive use of different tools results in a complex, inefficient environment. Companies with more than 50 tools appear to be 8 percent less good at detecting a cyber-attack and 7 percent worse at responding to an attack.

Relying on technology alone isn’t enough. For this reason, IBM recommends an enterprise-wide and up to date CSIRP. Although the number of organizations with a CSIRP has grown in recent years, more than half of the plans aren’t sufficient. For example, the plans do not contain scenarios for frequent attacks such as DDoS, malware, or ransomware. Moreover, many security plans might be outdated: only 7 percent review the CSIRP quarterly, while 40 percent of the organizations have no set time period for reviewing or testing the CSIRP. Although it is impossible to rule out an attack completely, a good CSIRP can limit the damage, should your organization become a target.

Training for end-users

Moreover, IBM’s research shows that there is room for improvement among end-users within an organization. 23 percent of companies think their resilience to a cyber-attack has not improved in recent years, due to a lack of training of end-users. It is important to continuously make all employees within an organization aware of (new) cyber threats.

The best way to do this is by continuously repeating information. New information is often forgotten within thirty days. However, this downward trend can be broken by repeating information over and over. Thus employees only become resilient to cyber risks when they are continuously informed and trained.

improve cyber security

Digital signage screens and corporate screensavers, to name a few, are very suitable channels for continuously informing employees. Netpresenter even offers a free template pack with handy, ready-to-use cybersecurity tips that are suitable for display on workstations and digital signage screens.

Could your organization use some support in the fight against cybercrime? Download 10 useful tips to sharpen your employees’ cybersecurity awareness for free. Or contact our experts to see how you can improve your company’s internal communication.

Richard
Richard Renkens

IT-specialist Richard Renkens has been with Netpresenter for well over a decade. Besides solving IT-related mysteries, Richard likes to blow off steam on his mountain bike.