Page 94 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 94

patches and updates just won’t cut it. Daily scanning won’t get the job done either, because a single scan
            will miss the 49 others that surface every 24 hours. Agencies must continually seek out and identify blind
            spots to stay genuinely protected.


            Compliance fails without proper controls

            Mastering the basics of cyber hygiene boosts resilience across the board. When agencies get into the
            habit of thinking that adhering to compliance standards alone provides security, they lose their cyber
            resilience.

                                               1
            To ensure resilience, agencies must  establish controls in addition to compliance standards, while cyber
            hygiene will include vulnerability patching, comprehensive asset management, user education, email
            protections, and improving password habits. As the post- mortem of every breach shows, human error
            almost  always  plays  a  role.  Even  compliance  standards  can't  eliminate  people  from  the  equation.  If
            compliance alone can’t prevent an attack, it can’t be an agency’s security strategy either.



            The good news is there's clear guidance for agencies looking for direction on exactly what controls to put
            in place. From the National Institute of Standards and Technology (NIST) to the Department of Homeland
            Security’s  (DHS)  Cybersecurity  and  Infrastructure  Security  Agency  (CISA),  there  are  countless  free
            resources for those seeking best practices, tools, and frameworks to set them on a path to success.


            To succeed in cybersecurity, diversify the team

            With all our many shortcomings, humans remain a critical component in the defense against threat actors.
            As the cyber landscape evolves, IT and security teams must also evolve. Cybersecurity teams must use
            creative problem solving and diverse ideas and tactics to meet emerging threats. Unfortunately, limited
            viewpoints create a barrier to a team’s ability to mitigate and respond to attacks comprehensively.

            Teams  are  stronger  when  they  leverage  the  power  of  their  similarities  as  well  as  their  differences.
            Problem solving, strategic planning, and innovation all benefit from diversity and inclusion. Importantly,
            diversity drives innovation. As Dr. Telle Whitney, a computer scientist and pioneer on the issue of women
            in  technology,  said,  “When  we  limit  who  can  contribute,  we  in  turn  limit  what  problems  we  can
            solve.”  Wise words that point to a fundamental challenge we’re now facing, one that can and must be
            solved if we don’t wish to stifle innovation.

            Gender  diversity  has  proven  critical  for  organizations  of  all  types  across  decision-making,  problem
            solving, and collaboration. Gender diverse companies are 21 percent more likely to have above average
            profitability, and companies employing an equal number of men and women manage to deliver up to 41
            percent higher revenue. Diverse teams are 87 percent better decision-makers than individuals.  Research







                                                                                                              94
   89   90   91   92   93   94   95   96   97   98   99