Why a United Cybersecurity Front is Essential to Resiliency

April 18, 2023

Staying ahead of cybersecurity risks requires expert knowledge of how bad actors operate, as well as being reasonably able to predict what they’ll do next. With adversaries investing so much into breaking down digital defenses, organizations also need to innovate and invest in the right solutions to protect their business, their digital footprint and their customers.

As bad actors find ways to outsmart multifactor authorization, expand ransomware attacks and target open-source software libraries — it’s all toward the same end. The name of the game is getting leverage over an organization, but attackers can only gain leverage if an organization doesn’t have the right risk management in place.

Top cybersecurity predictions

In a recent fireside chat, Optiv CTO Rocky DeStefano and F5 SVP of North American Sales Kevin Hollenbach, talked about the biggest cyber threats, trends and strategies on the horizon. The ultimate goal: Making sure customers are protected and able to respond quickly to cyber threats. They unpacked some of the top predictions from Optiv CEO Kevin Lynch.

1. Tech needs to collaborate and create a united front against attackers

No human is an island — and the same goes for technology providers. The vast majority of organizations can’t single-handedly take on the complexity of protecting their own digital environments. But no single tech partner, however multi-faceted their solutions, can solve for everything. Working in a vacuum leaves massive gaps for attackers to exploit.

This is why Optiv CEO Kevin Lynch predicted, “Integration is going to win.” Competition is good; it encourages innovation and evolution. But when best-in-breed tech providers unify and work together, they can establish a stronger fabric to protect against attacks and vulnerabilities.

Tech providers can start building bridges by knowledge-sharing through training and labs, finding ways to work with each other’s strengths and making interoperability a priority. Working together, technology partners can provide a broader view of the landscape and each customer’s place in it, use a framework for easier deployment and integration, and provide periodic assessments for customer needs and optimizing their solutions.

2. Look to enterprise to spur growth in security innovation and spending

Where’s the frontline of cybersecurity? Look no further than large enterprise, particularly in vulnerable sectors like health care and finance. They’re being targeted for their troves of valuable data, and as these organizations provide public-facing APIs to better serve users, they’re even more vulnerable. They may have the resources and money to back big security teams, but they’ll still need service management. There will still need to be buy-in from the highest stakeholders as business needs and technologies evolve.

Continuous education of the C-suite is critical to keeping the cybersecurity momentum going. Top-level executives don’t need to become cybersecurity experts (though it doesn’t hurt). But having a strong working knowledge will be key to making informed decisions every step of the way. We share some thoughts here on keeping the C-suite informed on the business risks of cybersecurity.

3. Operational technology is more than ready for cybersecurity protections

In the fireside chat, DeStefano and Hollenbach recalled the Colonial Pipeline ransomware attack and said the world should expect more sophisticated attacks, particularly with critical organizations and infrastructures like utilities and hospitals. When it comes to Lynch’s prediction that “demand for cybersecurity capabilities in OT finally comes of age,” we at F5 are seeing it, too.

Industries like health care, manufacturing, utilities and technology are embracing the convergence of IT and OT, realizing the importance of implementing a full suite of OT services like those offered by Optiv.

So, the opportunity for cybersecurity capability in OT is there — and it is now. Securing access control, if through an app or API, will require layered controls such as Web Application and API Protection (WAAP) to prevent abuse, misuse and attacks.

Getting onboard

Most organizations don’t have the in-house resources to keep up with the firehose of risks that are present every day, which is precisely what attackers count on. The solution appears simple: Make sure customers get the right platform to secure their environment.

The execution, however, isn’t necessarily straightforward. Solutions also need to be customizable to serve clients’ needs and be ready to evolve to cover the ever-changing threat landscape. But with communication and collaboration between technology partners, we stand a much better chance at making it harder for malicious activity to thrive.