Cybersecurity in 2019: Five key capabilities your client will need Posted on January 9, 2019 by Adam Burke Do your clients know that 47% of smaller businesses have suffered a cyberattack in the last year — and nearly half of those experienced multiple cyberattacks? Midmarket companies fare even worse: some 53% have experienced a data breach. Attackers now see small/midmarket businesses as soft-target conduits into their larger partner companies. If your clients haven’t been attacked yet, either they’re lucky or they haven’t yet discovered the breach. Nor are cyberattacks/data breaches cheap. Some 54% of cyberattacks cost more than $500,000 — an amount that can destroy even a robust midmarket firm. In 2019, these five cybersecurity capabilities are essential for any business that wants to stay in business: 1 A cybersecurity technology platform A cybersecurity technology platform should centralize security policy and configuration management as well as administration/reporting, and it should aggregate and integrate cyberthreat prevention, detection, and response capabilities with coverage that spans endpoints, networks, servers, cloud-based workloads, and even patch management. Since at least 90% of cyberattacks are spawned via phishing emails, malicious attachments, or weaponized URLs, your clients’ cybersecurity platforms must be able to monitor these vectors and apply filters that block malware and provide visibility into anomalous, suspicious, and malicious behaviors. 2 SIEM Security Intelligence Event Management (SIEM) offerings — including SIEM — collect, process, and interpret data from multiple sources; incorporate cyberthreat intelligence feeds; correlate alerts; perform analytics and profiling; and automate responses to potential cyberthreats. Traditional, labor-intensive SIEM is challenged by exploding volumes of security data and too many cyberthreat false-positives. But newer SIEM offerings deploy user and entity behavior analytics (UEBA) and AI/machine learning to boost real-time correlation capabilities and effective integrated cyberthreat response. 3 Two-factor authentication The age of (only) passwords is coming to a close. Your clients will need to commit to two-factor authentication (2FA), which significantly reduces account takeover fraud. Biometrics will play a major role here; MasterCard, for instance, will require biometric identification of all its UK users by April, 2019. 4 DevOps that puts cybersecurity first Now that your clients conduct much of their interaction with customers via web applications and/or mobile app APIs, their DevOps teams need to craft security practices and incorporate them into application code, design, and processes from the outset rather than as an afterthought. Your clients should also apply these DevSecOps practices to their cloud, infrastructure, and work with their partners. 5 Cloud-based managed security services In a world where line-of-business employees mostly don’t understand or care about IT security, and where finding necessary cybersecurity expertise is difficult, cloud-based managed security services offer a viable and cost-effective option. Not only are managed security services more agile and extensible than traditional on-premises offerings, they come with cybersecurity experts to whom you have access. To get the most from a cloud-based managed security service, make sure the service your clients choose comes with a full complement of APIs that enable integration into larger ecosystems.