Security leaders are bracing themselves for an increase in cyberattacks as nation-states and cybercriminals become more prolific.

Executives anticipate that these attacks will target weak spots arising mainly from software misconfigurations (cited by 49% of respondents), human error (40%), poor maintenance (40%) and unknown assets (30%).

Cybersecurity best practices

A cybersecurity benchmarking study from Thoughtlab, "Cybersecurity Solutions for a Riskier World," analyzed the cybersecurity strategies and results of 1,200 large organizations across 14 different sectors and 16 countries, representing $125.2 billion of annual cybersecurity spending.

The study identified six best practices that can reduce the probability of a data breach and the time it takes to find and respond to those that occur:

Take cybersecurity maturity to the highest level. Organizations that are most advanced in applying the NIST Cybersecurity Framework outperform others on key metrics, such as mean time to detect a breach (119 days for advanced organizations vs. 132 days for others). They also report fewer material breaches per year (0.76 for advanced vs. 0.81 for others).

Ensure cybersecurity budgets are adequate. Respondents reporting multiple material breaches in 2021 spent 12.3% of their total IT budget on cybersecurity, while those reporting no material breaches in 2021 spent an average of 12.8%, which works out to $4.7 million more. Organizations that spent more also reported faster times to detect and mitigate a breach; the study reports this as a correlation, not proof that spending alone drives the outcome.

Build a risk-based approach. On average, risk-based leaders saw 22.5 incidents and 0.75 material breaches in 2021, vs. 27.1 incidents and 0.88 material breaches for risk-based beginners. In addition, 50% of top performers in time to mitigate took a risk-based approach vs. 17% of poor performers.

Make cybersecurity people-centric. Cybersecurity is as much about humans as it is about technology. Organizations see fewer breaches and faster times to respond when they build a “human layer” of security, create a culture sensitive to cybersecurity risks, build more effective training programs, and develop clear processes for recruiting and retaining cyber staff.

Prioritize protection of the links between information technology (IT) and operational technology (OT). As the digital and physical worlds converge, respondents' attack surfaces are widening. Organizations that prioritize protection of interconnected IT and OT assets experience fewer material breaches and faster times to detect and respond.

Do more to measure performance. Currently, organizations track just 4.2 cybersecurity metrics on average. Executive teams that are more assiduous — monitoring six or more metrics — experience fewer incidents and material breaches. They also respond faster to attacks.
