- 09 Oct 2020
- 2 Minutes to read
- DarkLight
CompTIA - State of Cybersecurity 2020
- Updated on 09 Oct 2020
- 2 Minutes to read
- DarkLight
Introduction
More than ever, companies are accepting that digital business is the way of the future. Regardless of the industry, offering or customer base, digital tactics are needed to survive in a dynamic and unpredictable environment. With this in mind, cybersecurity moves from a piece of IT operations into an overarching business concern. From formal policies to specialized teams, organizations are adopting the practices that will secure their new digital efforts, ultimately moving towards a new framework that defines a modern mindset. This report examines the state of cybersecurity as the world fully embraces digital transformation.
Key Points
Digital operations drive new security approaches
Satisfaction with current cybersecurity efforts seems high, with 36% of companies reporting they are completely satisfied and 43% reporting that they are mostly satisfied. However, this sentiment is driven in part by an executive viewpoint, and it may not be sufficient for a function as critical as cybersecurity. The shift to remote work is driving companies to re-examine their security practices, and this examination should continue through to all parts of an IT architecture, especially those pieces that have changed in recent years.
Cybersecurity practices are becoming more formal
As cybersecurity becomes less exclusive to the IT function, the broad organization needs to consider the practices that will lead to a robust security posture. First and foremost is risk management, where companies must assess their data and their systems to determine the level of security that each component requires. Another key process is monitoring and measurement, where businesses must constantly track security efforts and build new metrics that tie security activity to business objectives. Moving forward, these formal processes will likely coalesce around the zero-trust framework, which defines a mindset around ubiquitous verification that is needed in today’s distributed digital environments.
Security teams are expanding and becoming more specialized
The cybersecurity chain in a business now extends beyond the IT team to include the entire workforce, upper management, and even the board of directors. Each of these areas has specific responsibilities when it comes to cybersecurity, and creating a cohesive structure to the security discussion is a major challenge. Changes are also happening within the IT function. The complexity of cybersecurity is driving demand for a range of specialized skills, and most companies are upskilling internal resources and leveraging external firms in order to ensure the proper mix of expertise.
Cyber insurance is quickly becoming a business need
One of the main issues driving cybersecurity efforts is the growing impact that a breach can have on a business. As a result, cyber insurance policies are becoming par for the course, with 42% of companies currently holding a cyber insurance policy. Since this is a relatively new field, determining the appropriate coverage is a challenge. This involves not only the basic cost structure and coverage amounts, but also the initial work of determining a company’s security posture and the regulatory work of determining potential impacts across state or country borders.
This report is 10 pages. Use the >> button to print and download