Ransomware and other threats continue to grow in sophistication and frequency. Current defense and protection practices for data and applications fall short on many occasions—just look at the number of organizations impacted by ransomware. Many organizations have begun to recognize that security needs all hands on deck to resist and recover from cyber threats.
And many organizations believe that IT and security collaboration will provide the force multiplier needed by security. With this collaboration, organizations can better deploy defensive tactics and also have unified, practiced, and well-orchestrated response and recovery processes in place to bolster cybersecurity. With the integration of technologies and processes, the extensive information and application environments of organizations can withstand and recover from cyberattacks, natural disasters, and system failures.
Strong indicators for collaboration and integration
Recent research commissioned by Cohesity reveals that while most IT and security operations (SecOps) decision-makers believe they should jointly share the responsibility for their organization’s data security strategy, many of the organizations lack the collaboration to achieve that goal. The survey also shows that this creates more cyber risk for their organizations.
Some of the key findings of this research:
The survey was conducted as nearly three-quarters (74%) of respondents believe the threat of ransomware in their industry has increased over the last year, with nearly half of the respondents (47%) saying their organization has been the victim of a ransomware attack in the last six months. The global survey uncovered the following results:
81% of respondents believe that security is a shared responsibility.
40% of respondents believe that cooperation between the groups has not changed with 12% saying it has actually declined.
42% believe this lack of cooperation creates more exposure to cyber threats and 42% citing this exposure could lead to data loss.
As summed up by Cohesity’s CISO: “This research pinpoints there is often a lack of collaboration between IT and security teams that we’re seeing across many organizations today,” said Brian Spanswick, chief information security officer, Cohesity. “For too long, many security teams focused primarily on preventing cyberattacks, while IT teams have focused on data protection, including backup and recovery. A complete data security strategy must bring these two worlds together—but in many cases, they remain separate and this lack of collaboration creates significant business risks and can put companies at the mercy of bad actors.”
And let’s look at the recently concluded RSAC 2023. We get an overview of the RSAC 2023 Theme, “Stronger Together,” from the conference website. “We are a community of many. No one goes it alone; we build on each other’s diverse knowledge to create the next breakthrough—exchanging ideas, sharing our success stories, and bravely examining our failures. With a world of evolving threats to stop and solve, only by working as a team and continually adding new perspectives will we be able to affect the kind of progress that can shape policy, establish new best practices, and ensure our defenses become more diverse, more resolute, and far more effective. When collaboration is our foundation, the future is bright. RSA Conference 2023. Stronger Together.”
Did you see the blog by Michael Daniel, president and CEO of the Cyber Threat Alliance? Mr. Daniel details the need for stronger collaboration between security and protection solution providers. From his perspective, he believes solution providers can work together to accelerate collaboration and reduce complexity.
It is clear that no one cybersecurity or cyber recovery solution provider holds all the keys to ensure cyber resilience. Only with cooperation and collaboration can these organizations help their customers improve their ability to withstand threats and recover from attacks. It takes investment in the form of integrations and the cooperation of support and response teams. No one group in an organization holds the keys to cyber resilience and many organizations are perceiving the need to have strong collaboration not only between IT and security, but employees and management as well.
Data Security Alliance: Cooperation and collaboration to battle cyber threats
To help businesses and governments fight cyberattacks, more than a dozen security industry heavyweights (Palo Alto Networks, Crowdstrike, Tenable, Mandiant, OKTA, Cisco, PWC, Splunk, Securonix, Cyberark, BigID, Qualsys) formed the Data Security Alliance in November 2022. Data security and protection are the missions of the Data Security Alliance. It achieves this by integrating data security and management with cybersecurity to improve cyber resiliency, as well as delivering critical technical integrations and architectures, best practices, and thought leadership around a common goal.
The Data Security Alliance integrations and best practices will help organizations weave a cohesive set of processes and controls to minimize the impact of cyber incidents. It also will increase organizational confidence in data stored everywhere—across public, private, and hybrid computing environments. With data at the center of your cybersecurity strategy, your organization can positively:
You can achieve these benefits because your team can proactively stay ahead of threats throughout the distinct phases of the ransomware journey:
Cohesity will feature topics and new content on the Data Security Alliance at our data security and management virtual summit, Cohesity Catalyst 2023 on May 23-25. Sessions will reveal key considerations and integrations for achieving and sustaining cyber resilience.