In today’s hyper-connected operating environment, the question is not if a business will face a cyberthreat, but when.
“Security events and security alerts are something we deal with every single minute of every day,” David Drossman, chief information security officer at The Clearing House (TCH), told PYMNTS for the series, “What’s Next in Payments: Protecting the Perimeter.”
“The key for us is to make sure that none of those events or alerts become incidents or major crises,” Drossman said.
The imperative for organizations to secure their digital assets has never been greater, with cyberattacks becoming increasingly sophisticated and relentless. This requires planning, preparedness and a clear understanding of how to respond when an alert arises.
“First things first, you need to have your incident response planning right,” Drossman said, stressing the importance of employing an overarching incident response plan, supplemented by detailed procedures specific to information security. This dual approach ensures that when alerts occur, the organization can respond swiftly and effectively.
Still, embracing a zero-day threat behavior frequently requires standing up proactive measures and may require a cultural shift within organizations.
The plan should be supported by up-to-date threat intelligence, which can help organizations stay ahead of potential threats.
“Ensuring that your systems are getting the data they need to respond and detect threats is crucial,” Drossman said, noting that both automated and manual data feeds are necessary.
A key concept in modern cybersecurity is “defense in depth,” and it is emerging as one of the foundational elements of a robust cybersecurity strategy.
As Drossman highlighted, embracing a “defense in depth” strategy involves creating multiple layers of defense to protect an organization’s most valuable assets, often referred to as “crown jewels.” He described it as building a “labyrinth of control” that can mitigate damage even if one layer fails. Segmentation is critical here, especially in separating employee networks from sensitive areas to minimize the risk of internal breaches.
“It’s not just having the cyber event, it is how you respond to it … the truth is, everyone wants a perfect record when it comes to not having cyber incidents, but the most important thing is that when they happen, make sure you are prepared,” Drossman said. “That is the key to everything.”
As technology evolves, so too do the methods and tools used by cybercriminals. Drossman noted that the expansion of cloud services and third-party integrations has altered the security landscape.
Emerging technologies like artificial intelligence present both opportunities and challenges. While AI can enhance cybersecurity defenses by automating threat detection and response, it also introduces new risks that must be managed.
“We have to be aware of how AI is used within our organization and ensure it doesn’t introduce vulnerabilities,” Drossman advised, noting that organizations must continuously adapt their security strategies to account for changes, ensuring that new technologies are integrated safely and securely.
While technical measures are vital, cultivating a culture of awareness and responsibility among employees is equally important.
Gone are the days when information security was the sole domain of a secluded IT team. Drossman advocated for a collaborative approach, integrating cybersecurity efforts across all departments, including business technology, HR and legal. This ensures a cohesive strategy that aligns with the organization’s broader goals while maintaining robust security controls.
Ensuring that every employee understands that risk management is part of their responsibility is essential. Drossman pointed out that phishing remains a threat, often targeting individuals’ emotions or current events.
“All it takes is one person to compromise the security of an entire organization,” he warned, stressing the role of company culture in standing up a defense capable of detecting and mitigating risks before they can cause harm.
Additionally, implementing measures like multifactor authentication (MFA) helps safeguard against unauthorized access, even if credentials are compromised.
Ultimately, in an era where the cybersecurity perimeter is increasingly blurred, and threats are constantly evolving, staying ahead of potential risks is more crucial than ever, Drossman said. By fostering a culture of security awareness, using advanced technologies, and maintaining a flexible, adaptive strategy, organizations can safeguard their most valuable assets and ensure long-term resilience in the face of cyberthreats.