Cyber-attack likelihood and impact: using data to optimize security


By David Grady, Chief Security Evangelist, Verizon Business Group

Smart organizations know that when it comes to cybersecurity, you simply can't do it all, nor should you try. Though the methods of cyberattack appear limitless—every day it seems that a creative new hack leads the news—the resources needed to defend an organization are anything but limitless. Precious security resources must be deployed in a manner that mitigates cyber risks to levels acceptable to stakeholders across the entire organization. That's data-driven decision-making.

The value of data-driven decision-making may seem obvious—who wouldn't want data to help them make a good decision? But in many organizations, cybersecurity decision-making is still influenced by a dogmatic adherence to industry best practices and even sometimes by fear. Remember: rigidly following a set security-industry best practices can result in a security program that tries to protect against anything that can possibly happen, rather than what the data shows is more likely to happen. While there's a feeling of safety in being able to say, "But we followed the best practices" after a data breach, that feeling is misguided. One size security does not fit all.

Further, headline-grabbing data breaches can spur panicky C-suite executives or agency leadership - under pressure from the Board or other high-maintenance customers or constituents - to make resource demands on the CISO based solely on what they heard on the news, and not on actual data that quantifies the likelihood of interruption to their own companies. (Don't be that leader.)

Verizon's groundbreaking annual Data Breach Investigation's Report, now in its 14th year, is the gold standard for understanding the specific threats to certain industries and the specific controls required to mitigate risk. Verizon's Threat Research Advisory Center (VTRAC) leverages Verizon's global network and nine global SOCs to develops powerful threat intelligence, which is integrated into Verizon's professional and managed security services. And we partner with best of breed security solutions providers to optimize your defenses and achieve the maximum return on your security investments.

From secure Cloud computing solutions to advanced detection and response capabilities, Verizon helps secure data, networks and infrastructure for many of the world's best-known organizations. Verizon's nearly two decades of leadership in network, wireless and IoT connectivity makes it uniquely capable of protecting the ever-expanding attack surface. Our unrivaled research and experience helps our customers focus on the most likely and most potentially-impactful threats to their business.

Verizon is the only telecommunications company named a Leader in both Magic Quadrant for Network Services, Global, and Magic Quadrant for Managed Security Services, Worldwide for three consecutive years. We help organizations transform their security programs, their network infrastructure, and their business.

We meet our customers where they are on the road to security maturity, and we help them get where they want to be.

Sustaining Partners