‘Tis the season for budget planning. With 2019 coming to a close, you may be scrambling to put together a coherent proposal for 2020. And if you’re lucky, you may have some leftover budget that you need to spend wisely.
Focal Points for 2020 Budgets
Analyst firm IDC forecasts a 10% increase in spending around security analytics and SIEM solutions, as well as more than a 10% increase in cyber threat intelligence. Automated continuous security testing, performed using breach and attack simulation (BAS) tools, is utilized to challenge, measure and optimize the effectiveness of current security controls is a strong candidate for these budget increases.
Why? Because it lets security teams validate that their SIEM would in fact pick up important alerts in the event that a cyber attack occurred. And, it also lets teams leverage cyber threat intelligence to ensure their controls are picking up the very latest strains’ indicators of compromise (IoCs).
Why Budget for Breach and Attack Simulation
Whatever the case may be, here are the top 10 reasons to budget for BAS this year or in 2020:
#1 Defend against the latest threats faster
According to av-test.org, and independent institute for malware stats, 350,000 new malware strains and potentially unwanted applications emerge daily. BAS provides set-and-forget security testing, so you can get alerted automatically on your controls’ ability to catch these threats and protect against them faster.
#2 Gain continuous visibility
You may require pen tests for regulatory compliance and may already be engaging in red team exercises. But what happens when you need answers on your security posture right now? Not only does automated security testing reduce your depending on these costly engagements, rather it also provides you with the 24x7x365 visibly you need into your posture.
#3 Optimize current security controls
Instead of going out and buying new product in 2020, you may be able to drastically reduce your attack surface just by fine tuning current controls via updated configurations, policies and control settings. And how do you know just what to tweak? By running safe attack simulations, of course.
#4 Prioritize cyber security resources
BAS lets you invest time and effort where security risk is highest according to objective, empirical exposure scores and other KPI metrics. So instead of working off of hunches, you can get your team to mitigate the most critical gaps first based on empirical data and make data-driven purchase decisions.
#5 Protect against supply chain attacks
A recent global survey revealed that 66% of organizations have experienced a supply chain attack. Examples abound, including a recent Sodinokibi ransomware campaign that infiltrates companies by poisoning software updates on their managed service providers’ (MSP) websites. Challenging controls relevant to attack delivery means you can reduce your vulnerability to such attacks.
#6 Check security posture pre- and post-M&As
If your company is about to acquire or merge with another one, you wouldn’t want all your hard work and security investments to go to waste, no thanks to another organization’s deficiencies. Running attack simulations to find gaps before they are exploited by attackers is something BAS lets you do in just a few clicks.
#7 Enhance blue teaming
To keep your incident response team in good shape, full kill chain APT simulations can be performed in a fully automated fashion, so your SOC staff can assess if the SIEM and security controls are properly tuned, and if current playbooks and workflows are effective.
#8 Enhance red teaming
To find more gaps faster, red teaming can be enhanced by challenging controls against a broader spectrum of malware, e.g. ransomware, cryptominers, Trojans etc. as well as a wider set of techniques, tactics and procedures, for example using the exhaustive MITRE ATT&CK™ framework.
#9 Validate compliance
Meeting compliance mandates doesn’t ensure that your controls are effective at preventing a breach or mitigating its impact should one occur. With BAS, you can ensure your organization is audit-ready and know your exact level of security risk across all threat vectors and infrastructure, while freeing teams from tedious and repetitive compliance tasks.
#10 Look good
Cyber security metrics such as industry benchmarks, exposure scores over time, company baseline scores and other KPIs facilitate data-driven conversations with management and data-informed investments with your budget. Instead of guesstimating how well your security is performing, BAS-surfaced data provides you with tangible answers.
New to breach and attack simulation? Learn why continuous security risk assessments are critical in defending against the latest threats with your complimentary copy of Gartner’s report on How to Respond to the 2019 Threat Landscape, or download the Euronext case study for more information.