Malware Manual – Part 5: 3 Keys for Cybersecurity Response Planning

  • September 21, 2017

Last month, the international research and advisory company Gartner, Inc., predicted that global corporate spending on IT security will increase 7% this year over 2016, to roughly $86.4 billion. Looking forward, Gartner forecasts that IT security spending will swell to $93 billion by the end of 2018.

The driver of all this spending growth? Data breaches and regulations associated with them.

These statistics reveal a paradox, says Seth Robinson, Senior Director, Technology Analysis, at CompTIA, one of the world’s largest technology associations.

“Companies regularly report that security is a high priority, one that is rising over time,” Robinson explains in a recent post to CompTIA’s blog. So, he elaborates, “The reasonable assumption is that companies are building strategies to address this priority.”

Gartner’s estimates would seem to support this supposition. Yet, Robinson, co-author of CompTIA’s The Evolution of Security Skills study, argues that his annual research continues to show “businesses are having a hard time defining proper investments in this critical space.”

Reconciling this contradiction, Robinson counsels, requires an “important shift” in cybersecurity thinking, one that focuses on “proactive detection” of malware and aspiring attackers, rather than absolute prevention. He believes the core assumption in cyber-defense thinking should become “no defense is perfect and constant vigilance is required.”

We agree, which is why we advocate that companies of all shapes and sizes, across industries, apply the Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST). The NIST framework encapsulates a thorough, structured approach to managing cybersecurity holistically according to five tenets:

The last three of these five principles provide what NIST calls “opportunity for future improvement” – especially the “Respond” stage, which emphasizes planning, communications, analysis, mitigation and process improvement.

How can you translate NIST’s direction into action? In his post, Robinson recommends starting with your mindset. Conduct cybersecurity response planning according to these three keys, in this sequence:

  1. Establish your organization’s definition of “good security” – “Technical experts may have a good understanding of potential pitfalls, but business unit employees may only have a gut feel that things are not as they should be,” Robinson says. “In a new corporate setting where these different groups collaborate more than ever on technology strategy, a common definition of secure practices is a crucial first step.”
  2. Identify appropriate “triggers” for changing security – “Too often, businesses assume that the absence of catastrophe indicates adequate security,” explains Robinson. “Instead, decision makers must be educated on the correlation between IT architecture changes and security vulnerabilities.”
  3. Consider the breadth of the “threat landscape” – Per Robinson, companies tend to place emphasis on the most recent and more familiar types of attack. Your approach, however, must include a more sophisticated risk assessment. See our “Malware Manual – Part 1” post for details.
