Dealing with Limited Resources in Cybersecurity

Examining the Problem in Cyber

It is clear that limited resources are preventing cybersecurity professionals from doing their job well.

Spend 30 seconds at any cybersecurity presentation and you will hear an explosion of words like: smartphones, IoT devices, web servers, remote access to corporate networks, WiFi at your favorite coffee shop, web-based storage, etc. We are creating more and more cyberattack surfaces at a rate much faster than our ability to secure them. Typically, when behavior is seen to cause big problems, a natural response is to stop that behavior. Where technology is concerned, this is clearly not possible. The tidal wave of technological transformation and opportunity that surrounds daily headlines has left cyber teams responsible for keeping their organizations secure, nimble, and competitive.

I overheard a CISO of a major bank say “We do not have enough trained bodies to throw at our cybersecurity challenges.” So what can a company do? I’m going to answer this question with one of my favorite phrases – treat problems as opportunities.

Turning Limited Resources into Opportunities

If the reality is that resources are limited, the solution is to optimize the resources you DO have. I have listed 5 steps that help to effectively tackle the problem of limited resources by turning them into opportunities for:

Training. In short, to reduce our exposure, we need to get smart and train not only ourselves but also our people. Training options are available everywhere, and in many cases, for free. One of my favorite online resources is Cybrary (https://cybrary.it). They have a wide variety of cyber courses available, many that even qualify for continuing education credits. Increasing our knowledge. Knowledge provides insight into where you are, where you need to go, and how to get there. Understanding what a CVE is and which ones your organization is subject to creates awareness of your cyber posture. Mastering the security controls on your network and other infrastructure devices enables you to reduce your attack surface. Learning how attackers obtain access to your network and then vector through empowers defense in depth strategies to react to the realities they face. Being strategic about tools. It all starts with increasing your knowledge and understanding of all things cyber. Tools are great, but if you don’t know what problem you’re solving with them, you’re not going use them effectively. If you don’t know how the bad guys operate, you’re not going to know how to design and deploy effective defenses. Spending on cyber initiatives continues to rise. But that’s only a start. There has to be understanding of how and where to utilize those new resources to achieve the greatest returns. Use a computer to watch a computer. I know it goes without saying, but it’s just not possible to manually observe and react to all cyber events. It has to be automated, and it has to be comprehensive. You have to notice things like repeated failed login attempts, or even resource utilization that falls outside the bands of normalcy. You have to be able detect anomalous behavior, and that can only be done with systems and tools that can gather logs and alerts from a wide variety of sources, and then make sense of them. Finally, simplify. It’s a crazy paradox that although the computing age has enabled us to do things previously unimaginable, it has also created tremendous complexities that expose us to all manner of badness. Simplification isn’t simple, but it’s worth it long term. One global company I know has standardized worldwide on workstation configurations, patch schedules, etc. When a new zero-day threat emerges anywhere in the world, they can quickly determine what their full exposure is, and can react accordingly.

At the end of the day, dealing with limited resources comes down to being wise with how we manage the resources that are available to us and how we approach our problems. Turning problems into opportunities requires wisdom, and wisdom requires knowledge of how things work. By wisdom a house is built, and through understanding it is established.