Blask contends that cybersecurity insurance can, over time, help enterprises better manage cybersecurity risks. “One of the wonderful things about insurance is it can determine what's good enough (security), and the actuarial process will provide the math to help determine what protective measures work and how effective they are. From the insurance perspective, they need to know what [level of risk] they're getting into. That's the entire conversation in insurance right now: how to make better decisions on the cyber security risks they're accepting transfer of,” Blask says.
Use of security frameworks paying off
The survey also found that the long-term investment enterprises have made into security frameworks such as ISO 27001 and the US National Institute of Standards and Technology (NIST) Cybersecurity Framework are paying off. Benefits respondents cited include: the ability to better and more quickly detect and mitigate security incidents (47%), better able to identify and prioritize risks (49%), sensitive data is more secure (45%), and a better understanding gaps in policy (37%).
In the end, all of these security efforts are about helping the enterprise to use technology to be more efficient and succeed. “Enterprises are looking for ways to be more agile, grow, and embrace the cloud more securely,” said Jim Reavis, executive director of the Cloud Security Alliance.
The survey found that a big part of moving forward securely is the use of security data analytics. A sizable 59 percent of respondents are using security data analytics to some extent, and many are citing improvements such as better understanding of external threats (61 percent), better understanding of internal threats (49 percent), and a better understanding of user behavior (39 percent).
“I view security as a collection of security metadata, analysis of that metadata, and enforcement of policy,“ said Shields. “Right now we're at the stage where we're increasing our collection of metadata. Drastically. We're working on ways to get at continuous scans of our web applications so that we have that data always coming in. We can continually assess every endpoint on our traditional network and we can continually assess security enforcement or security metadata from our cloud providers,” he added.
“The next step for improvement is how we improve the analysis. That will be through automation, machine learning, and artificial intelligence,” Shields says.
Sign up for MIS Asia eNewsletters.