Using Data to Make Smarter Cybersecurity Risk Decisions

By Stephen Roostan, VP EMEA at Kenna Security

Today’s cybersecurity teams are faced with an unprecedented number of decisions on a daily basis. To keep the enterprise and its data secure, they need to prioritise which vulnerabilities to fix first. No easy task when up to 18,000 new vulnerabilities are identified each year, adding to the millions already documented.

Little wonder that security and IT teams are regularly at loggerheads over what’s most important to patch? Is it the Zerologon vulnerability that compromises Microsoft’s NetLogon protocol, or or the 10-year old Baron Samedit bug that impacts the Linux ecosystem? That’s a difficult question for many organisations to answer.

This is why a growing number of organisations are turning to data science to enable more effective security decisions – decisions which also optimise the best use of available manpower and defence resources.  However, while taking a data-driven approach to decision-making proves a game-changer where cybersecurity is concerned, the problem is that most security practitioners aren’t data scientists.

So simply throwing a mass of data at these teams isn’t going to help them to act any more effectively or empower them to make better, smarter decisions.

The problem with data and cybersecurity

Most enterprise security teams are already drowning in a sea of sensor and scanner data that needs to be manually correlated, analysed, and interpreted. No easy task when you take into account the growing volumes of vulnerability data and the increasing complexity of today’s enterprise IT environments.

For security teams, getting their heads around all this data to gain appropriate and actionable insights is almost impossible. Typically, analysts spend huge amounts of time producing Excel- spreadsheets for remediation teams which contain thousands of so-called ‘critical’ vulnerabilities. Not only is the list long, it provides little indication of where they should begin their efforts.

All this highlights some of the practical realities of dealing with large data sets. Ultimately, making the right business decision is dependent on the quality of data gathered, how quickly it can be aggregated, and the effectiveness of its analysis and interpretation. Without a quantitative understanding of their own organisation’s individual risk, IT and security teams will be unable to confidently identify and prioritise which vulnerabilities pose the biggest threat to their enterprise.

Turning data into value-add and actionable insights

To address the data overload, security teams are adopting advances in machine learning and automation that eliminate the time and effort involved in cleaning and correlating data for routine analysis. Freed from these onerous tasks, security teams are now able to share intelligence they have gathered on the most high-risk vulnerabilities to their colleagues in IT and DevOps, so they’ll understand what to fix, how to fix it and why it’s a priority.

This isn’t the only change on the horizon. Security teams are also finding new ways to harness threat intelligence in real-time. This includes using predictive modelling solutions, featuring supervised machine learning algorithms, that can analyse a vulnerability the moment it is published and determine the likelihood of it being exploited in their environment.

Combined, these capabilities make it possible for security teams to evolve beyond proactive cyber risk management to embark on a predictive approach that will be vital for countering today’s fast-moving threat landscape.

Executing data-driven decisions that deliver true risk reduction

When organisations consume these automation and machine intelligence capabilities via a centralised risk management platform that features standardised, granular risk scoring across their infrastructure, everyone is able to work more  efficiently and cohesively when it comes to managing remediation programs.

As well as being able to more efficiently and confidently orchestrate risk management efforts, security teams will gain a universally trusted language and metrics for communicating overall risk levels to management. Meanwhile, remediation teams are now able to visualise and understand which threats need to be addressed at their own group level and how to fix them. Plus, they are able to see how their efforts will reduce their own team’s  risk exposure.

Prioritisation to prediction

Vulnerability scoring systems have been around for a long time but increasingly executive teams are discovering how these new systems, which combine cloud security, risk-based intelligence and prioritisation reduce the pressure on security and IT teams while boosting their capability to drive down risk. More are making the leap from prioritisation to prediction to gain greater certainty about the probability of a specific exploit impacting their environment. With everyone singing from the same hymn sheet, resources can be appropriately allocated, and vulnerability management efforts focused with pinpoint accuracy on the risks that really matter.

Stephen Roostan

Stephen has over a decade of experience in cyber security and transformation projects, and his role at Kenna is to rapidly grow the EMEA organisation to meet the customer demand for risk-based vulnerability management. Prior to Kenna he held senior sales roles at Forcepoint, Citrix and Imperva, focusing on IT solutions for complex, enterprise requirements.

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...