Security Validation in 2021: Why It's More Important than EverSecurity validation enables companies to continuously measure, manage and improve their cyber security effectiveness on an ongoing basis.
The past year has been marked by economic uncertainty stemming from the global pandemic, which has also created an expanded remote workforce and broadened the attack landscape. This has put more scrutiny over organizations' cyber security spending while attacks are on the rise and the targets and tactics used by cyber criminals have grown. As a result, CISOs and their teams need a way to quantify the effectiveness of their security posture. This can be achieved through cyber security validation.
See Also: You've Got BEC!
Along these lines, we see several security validation trends that will gain momentum in 2021 and beyond, as outlined below. These trends and more are discussed in FireEye's newly released report A GLOBAL RESET: Cyber Security Predictions 2021.
As companies automate more routine tasks, they can apply skills and expertise to more high-value, strategic activities.
1. Shift to a validation as a service
With new remote work models, an expanded attack surface, and more insidious tactics and techniques employed by threat actors, companies have begun to replace in-house security validation with fully managed or co-managed security validation. This shift will only increase in the coming year as more people continue to work from home. With fewer people (or none) working on-premises, having validation handled by a managed service provider makes the process easier and more efficient. This also frees up security teams to address other important issues that come up, such as responding to an alert or provisioning employee access to applications and resources.
2. The need to quantify security effectiveness
With attacks on the rise and security spending more heavily scrutinized, there is a growing need for CISOs to deliver quantifiable data to business executives about the effectiveness of the company's cyber security controls and its impact on the bottom line. When continuously validating security, CISOs can assess whether an organization's security performance is improving or worsening over time, determine how best to optimize tools, and rationalize spending to improve the company's risk posture - a key element in proving operational competency to the C-suite and preserving a company's financial position.
3. Security automation and training
As companies automate more routine tasks, they can apply skills and expertise to more high-value, strategic activities. Security validation has proven useful in helping CISOs identify areas where automation would benefit the company's security team as well as what aspects require more expert attention, particularly given the greater risks that arise from larger remote workforces. We see this as a growing trend, with security validation being used to show organizations - particularly those that lack processes and policies for data access - where weaknesses lie and how they can be strengthened through additional security awareness training, improved user access policies, and optimization of security controls.
4. Cloud validation
With more employees working from home, there is greater focus on whether the corporate VPN is working properly and if there are security risks stemming from people who have higher level access than they need. With employees not working on-premises, there is much greater use of the cloud for applications and access, and it is critical to know if cloud security is working as it should or if it's monitored in the right way. Cloud providers are responsible for securing the cloud, but security leaders are responsible for provisioning access to the right people and for the right data and resources, as well as for ensuring that data in the cloud is secure. Validation of cloud security plays a key role here and will gain prominence in the coming year.
5. Intelligence-led validation
Whether we are defending a nation, a building, or a network, intelligence is key. When operationalized and incorporated into the security validation process, threat intelligence enables security teams to understand the threats that are most likely to target the organization and test how well controls defend against them. As the attack surface continues to broaden and tactics by cyber criminals continue to grow more insidious, security validation that is informed by timely, actionable intelligence will play a critical role in the ongoing detection and response efforts for organizations.
At FireEye, we expect that companies will continue to invest in security validation in the coming year to determine if security controls are configured for optimal performance. Economic uncertainty may continue, but one thing that remains constant is that attackers will keep evolving and organizations will need to continue to ensure their security performs the way it should.
Mandiant Security Validation is a foundational technology for every security organization. It enables CISOs and their teams to understand and prove through data how well their security controls are working.
Security validation enables companies to continuously measure, manage and improve their cyber security effectiveness on an ongoing basis. With an expectation that remote work will persist into 2021, validation will help organizations answer questions such as:
- Is remote access to data stored in the cloud or on-premises secure?
- What vulnerabilities or gaps exist in our remote infrastructure?
- How are we provisioning access to resources, and are the security policies, processes and technologies we use working as they should?
To learn more about FireEye's 2021 predictions and our security validation solution, download A GLOBAL RESET: Cyber Security Predictions 2021 and visit Mandiant Security Validation today.