Like it or not, January is a time when we all instinctively think of ways we can make the next year better than the last. So, if you’re a cybersecurity professional hoping that 2023 is an even safer and less stressful year for you than 2022, you’re in luck! Here are some tips on how to set the best resolutions for a more secure 2023.
Resolution #1: Use less technology
It may seem odd for a technology vendor to suggest using less of what they sell, but this is nonetheless a smart decision to make for 2023. Too many tools generate too much cost and too much complexity. That’s why smart cybersecurity teams are consolidating their toolsets — or simply outsourcing certain SecOps functions altogether.
Because ultimately, cybersecurity success isn’t about technology. It's about enabling priority detections to turn into timely responses, and translating world-class threat intelligence into fast, accurate threat hunting.
In other words, security success requires a harmonious union between technology and human expertise. That requires smarts, skills, and the right processes. If you focus on optimizing your end-to-end cybersecurity value chain — from the security knowledge and expertise that drives your actions through the way you find and respond to active threats — you’ll more effectively avoid problems in 2023.
You’ll also get more value out of your budget and avoid the burnout that has been devastating even the best tech staff over the past few years.
Resolution #2: Buy on value, not price
Given your finite budget and all the bases you need to cover within those finite budget constraints, it’s understandable that you’re careful with your spending.
But beware. Cheaper can actually be more expensive. Much more expensive.
For example, a SecOps service provider may promise that they will alert you to the same threats as a more expensive competitor will — and that they’ll do so for 18-20% less.
And they may be right. They may in fact send you the exact same true positives as that more expensive competitor.
But they may also send you 30% more false positives. And those false positives will turn out to be far more expensive than the so-called cost savings you were expecting.
False positives cost countless hours of lost time chasing what amounts to a cybersecurity “ghost.” They expose you to significant added risk by inducing alert fatigue that undermines your responsiveness to genuine threats or breaches. And they cost staff through the chronic burnout that ultimately results in expensive staff turnover.
Make sure you don’t get tricked by the seemingly low prices and big promises in 2023. Do your research. And look for total value — rather than a face value “bargain.”
Resolution #3: Make new friends
We’re all so busy putting out fires day to day that it can seem almost impossible to build new relationships with other members of the cybersecurity community.
But perhaps more than any other IT discipline, cybersecurity really is a communal undertaking.
We share threat intelligence. We let our peers in our own companies’ supply chains know when they might have been exposed to a threat we’ve detected in our own environment. And conversely, we sincerely hope our peers at companies that digitally interface with ours will give us a heads-up if they might have exposed us to a threat actor they’ve detected in their systems.
In 2023, you may want to adopt a more relational approach to your vendors — whether you use their software or their services.
Sure, many vendors take a purely transactional approach to their customers. And many customers accept a “black box” approach to managed security services — where they just pay their money and receive an agreed-upon deliverable or service.
But that could be settling for less when your organization deserves so much more.
Your engagement with a security solutions company should be much more than merely transactional. Instead, seek out building a high value working relationship with a security partner who can offer expert insights and advice well above and beyond the transactional terms spelled out in your procurement contract.
That’s the kind of relationship that yields a lot of fruit over the long haul — and can be priceless if and when you experience a crisis.
If you’re already a Secureworks® customer, you know exactly what we’re talking about. And if you’re not, resolve to reach out to us in 2023!