Cisco unveils best practices for optimal cybersecurity in the enterprise

In the study you just presented, 'Security Outcomes 2021', highlights as programs that include proactive technology updates (SaaS and cloud) are one of the best options. Technological integration is the second most important factor for effective security.

Cisco has presented his study Security Outcomes 2021, that gives cybersecurity managers a practical vision to decide where to focus their efforts next year.

Based on inquiries made to 4.800 Security professionals, IT and Privacy, companies of various sizes and sectors in 25 Countries (including Spain), analyses the current level of success of cybersecurity programs and the most effective practices to achieve and improve it.

Globally, programs that include proactive technology updates to solutions increase 12,7% the likelihood of success. As not all companies have the budget and staff to achieve this proactivity, SaaS and cloud security solutions are one of the best options, because they're affordable, easy to deploy and integrate, and with automatic updates.

Technological integration is the second most important factor for effective security, increasing the likelihood of success by 10,5%. Solutions are also key to creating a strong security strategy for all workers, and facilitates talent retention, professionals demand transparent operation with coordinated alerts.

For its part, on-time response to incidents - both for threats and for unplanned events- increases success by almost a 5%. This underscores the increasing importance of remediation time versus cyberthreat detection time. Techniques like Threat Hunting, AI/ML and increased automation reduce these times.

Situation in Spain

In Spain, the most relevant factor is the joint work between the Department of Security and the IT department, that can increase the success of the program by 22% respondents said. The second practice that brings the most to success (20%) is to have metrics about program performance.

The same, the on-time response to incidents increases the likelihood of success by 17%, while the technological update is a 10% more successful to cybersecurity strategy.

"Cybersecurity professionals need to make quick and informed decisions. But they often rely on dozens of tools from multiple suppliers, making it difficult to respond coordinatedly to cyberthreats and unplanned events", highlights Eutimio Fernández, Cisco Spain's Director of Cybersecurity.

Cybersecurity program analysis

The report also analyses the current success of cybersecurity programs based on 11 Objectives, framed in three categories: managing risks, operate efficiently and help the business.

According to the global average, organizations are more successful in complying with regulations; gaining the trust of managers; avoid major security incidents; facilitate the day-to-day operation of the business; managing big risks; and optimize incident response.

Retaining cybersecurity professionals, achieving workers' assessment/confidence and minimizing unplanned work are the goals in which organizations are less successful today.

In Spain, the results are almost identical to the global average. The only difference is that Spanish companies find it more difficult to 'operate profitably'.

Recommendations:

• Keep infrastructure up to date.
• Integrate technology and security solutions (integrated defense).
• Investing in technological 'quality and quantity'.
• If the budget is tight, opt for SaaS and Cloud solutions, including renewals and automatic updates.
• Create a culture of security that workers accept and defend.
• Analyzing other successful security practices that are not contemplated.

Other articles on Cisco, Cisco Systems