How resilient is your cybersecurity posture in 2021
27 May 2021
The findings of NTT’s recently published 2021 Global Threat Intelligence Report provide new insight into the relative preparedness of organizations in different industries to respond and recover from cybersecurity attacks...something that NTT refers to as ‘cybermaturity’. But first, let’s clarify exactly what we mean by this term and explore what NTTs Cybersecurity Advisory (CA) score actually measures. NTT’s CA score may be understood as a maturity baseline. It’s a measure of the relative maturity of an organization's security practices, covering all aspects of processes, metrics and tools on a 0.00-5.99 scale. A lower baseline indicates less-mature security practices. The higher the baseline, the more mature the organization’s security practices are deemed to be.
The CA baseline is generated as a component of a business-outcome-driven consulting engagement that measures the current environment and helps develop a strategy for reaching security objectives based on the organization's current state. Essentially, the CA helps identify an organization's current maturity level and the goal maturity based on its business and security objectives. The final output of a CA engagement is a plan to help move the organization from its current state to its optimal state.
Now, let’s turn the spotlight on this year’s Report’s findings with respect to the relative industry preparedness of the two most attacked industries:
While top of the log on cybersecurity maturity or preparedness overall, finance is still among the most attacked industries. Small decreases in baseline scores likely resulted from challenges in prioritization, which potentially affected the allocation of resources and didn’t allow the organization’s program to mature.
Organizations in this sector experienced a three-year decline in scores, most likely due to changes in the operating environment, the evolution of attacks and a greater inclination to benchmark their overall cybersecurity posture.
Steps to success
If you’re seeking to close the gap between your organization’s current and desired cybermaturity level, maintain an unwavering focus on tools, executive support and the maturity of your underlying processes. But do bear in mind that factors such as cost, compliance and resource availability could hamper your efforts to reach your desired goals, so set yourself realistic expectations.
If you’re interested in reading a deeper analysis of the findings of this year’s Report, read our Executive Guide or download the full technical Report. Otherwise, please connect with me to share your thoughts or questions.