No one is perfect. No business has the perfect cybersecurity set-up. Everyone has ample room for improvement. Improving your cyber defenses is an ongoing endeavor. It never ends because the cybercriminal is constantly evolving, and cybersecurity best practices regularly adjust based on new technological advances and the altering tactics of the criminal.
So, in this never-ending game of cat and mouse, we all need to be cognizant of – and working to continuously improve – our cybersecurity posture. But what is cybersecurity posture? Simply, it refers to an organization’s ability to protect its networks, information, and systems from a cyberattack. Cybersecurity posture is the collective security status of all your IT assets.
The strength – or weakness – of your cybersecurity posture relies on the cybersecurity systems, processes, and expertise that your dealership has in place. This includes the following:
- Employee cybersecurity training
- Security policies and procedures
- Cybersecurity hygiene
- Data breach prevention measures (continuous threat monitoring, MFA, data encryption)
- Vulnerability management procedures
- Cybersecurity tools such as firewalls, intrusion detection, antivirus, and SIEM
- Trained and certified cybersecurity expertise
To effectively manage the ongoing improvement of your dealership’s cybersecurity posture, you need to be able to measure it. As the saying goes, “you can’t manage what you can’t measure.” Here are a few cybersecurity posture metrics that you should track as you manage that improvement:
- Device Preparedness – The number of devices on your network that are fully patched and up to date.
- Unidentified Devices – How many unidentified devices are connecting to your network?
- Intrusion Attempts – The number of bad actors that have attempted to gain access to your network.
- Cybersecurity Incidents – The number of times an attacker has penetrated your network.
- Mean Time To Detect (MTTD) – The amount of time that a cybersecurity threat goes unnoticed. This is an important gauge of your team’s ability to become aware of indicators of suspicious behavior. Implementation of continuous threat monitoring can drastically reduce your MTTD.
- Mean Time To Resolve (MTTR) – How long does it take your team to respond to an attack once they are aware of it? This is an excellent measure of your incident response plan, and another metric where continuous threat monitoring has a major positive impact.
- Mean Time To Contain (MTTC) – The amount of time it takes your team to contain an attack once they have initiated their response. Once again, implementation of continuous threat monitoring is a key tactic for positively impacting this metric.
- Security Patching Cadence – How long does it take for your team to deploy application security patches?
- Access Control – How many users have administrative privileges? This number should be kept to an absolute minimum.
Leveraging the metrics above, you can begin to gain a sense of your cybersecurity posture and then take measures to improve it. Some great ways to significantly boost your cybersecurity posture are to implement continuous threat monitoring, multi-factor authentication, and data encryption, install new security patches immediately, and reduce the number of administrative accounts on your network.
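The three response-time metrics above (MTTD, MTTR, MTTC), computed from incident timestamps as defined in the list; this is an added example, not part of the original article. The records are constructed sample data and the field names (`began`, `detected`, `response_started`, `contained`) are assumptions; incidents that are not yet contained are excluded from MTTC and reported separately so they do not skew the average.

```python
from datetime import datetime, timedelta
from statistics import mean

# Constructed sample incident records (not real data); field names are
# assumptions made for this example.
INCIDENTS = [
    {"id": "INC-1", "began": "2024-03-01T02:00", "detected": "2024-03-01T14:00",
     "response_started": "2024-03-01T15:00", "contained": "2024-03-01T19:00"},
    {"id": "INC-2", "began": "2024-03-10T08:00", "detected": "2024-03-12T08:00",
     "response_started": "2024-03-12T11:00", "contained": "2024-03-12T23:00"},
    # Still open: detected and being worked, but not yet contained.
    {"id": "INC-3", "began": "2024-03-20T00:00", "detected": "2024-03-20T06:00",
     "response_started": "2024-03-20T08:00", "contained": None},
]


def hours_between(record, start_field, end_field):
    """Hours from start_field to end_field, or None if either is missing."""
    start, end = record.get(start_field), record.get(end_field)
    if not start or not end:
        return None
    delta = datetime.fromisoformat(end) - datetime.fromisoformat(start)
    if delta < timedelta(0):
        # Out-of-order timestamps mean bad data, not a fast team.
        raise ValueError(f"{record['id']}: {end_field} precedes {start_field}")
    return delta.total_seconds() / 3600


def mean_hours(incidents, start_field, end_field):
    """Mean over the incidents that have both timestamps; None if there are none."""
    values = [h for r in incidents
              if (h := hours_between(r, start_field, end_field)) is not None]
    return mean(values) if values else None


def posture_metrics(incidents):
    return {
        # MTTD: how long the threat went unnoticed.
        "mttd_hours": mean_hours(incidents, "began", "detected"),
        # MTTR, as the list defines it: awareness to start of response.
        "mttr_hours": mean_hours(incidents, "detected", "response_started"),
        # MTTC: start of response to containment.
        "mttc_hours": mean_hours(incidents, "response_started", "contained"),
        "open_incidents": [r["id"] for r in incidents if not r.get("contained")],
    }


if __name__ == "__main__":
    for name, value in posture_metrics(INCIDENTS).items():
        print(f"{name}: {value}")
```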