Professional Documents
Culture Documents
Cybersecurity For Businesses
Cybersecurity For Businesses
Cyber in Perspective
Securing the
future of business
Cyber security optimisation in organisations
Introduction
Businesses today are transforming their ways of
working and redefining the future of their operations.
They are migrating towards a ‘work from anywhere
and anytime’ model of operation, with an increasing
focus on utilising low-touch business solutions.
There is also increased focus on business resilience
in order to strengthen systems and processes so
that they operate seamlessly during a crisis.
Rapid diglitalisation across organisations had
already made them prone to cyberattacks. The
COVID-19 crisis has resulted in an increase in the
number of cyberattacks on organisations. Along
with a surge in cyberattacks, there has also been a
shift towards more sophisticated attacks that seek
to exploit the chinks in the armour exposed by the
transformation process that is under way. Such a
scenario requires organisations to enhance their
capabilities in order to successfully navigate the
increased threat surface, ensure protection of their
data and smoothly continue business operations.
The COVID-19 crisis has impacted a number of
organisations and increased cost pressures. The
crisis has also made it imperative for organisations
to enhance their cyber security capabilities on the
one hand and optimise cyber security resources on
the other.
Security optimisation across areas will help businesses achieve their objectives.
Organisations are struggling to optimally utilise their implemented security technologies. Often, there are overlaps in
security technologies as well as underutilisation of tools and technologies.
Organisations need to focus on understanding their security technology landscape and identify areas where
security technologies can be optimised either through consolidation and enhancement, or by leveraging open-
source and light-weight start-up solutions.
At an overall organisational level, the costs of security operations and management are increasing due to the wider
threat landscape. Traditionally, organisations build all of their operational services in-house on a fixed-cost model.
However, this approach has led to increased costs, administrative burden and the additional hassle of managing a
large set of internal tools, technologies and in-house resources.
There is scope for improvement in the way organisations handle security operations and associated costs. They
can explore other avenues such as managed security services, cloud-based service delivery and transaction-based
pricing models.
Due to the cyclic nature of most businesses, it has been observed that required skills are dynamic and change with
time. Skills related to cloud technologies, orchestrated response and emerging technologies are becoming more
important. While organisations may hire people skilled in operating new technologies, upskilling and cross-skilling
existing resources are more efficient, considering evolving requirements.
Organisations may consider engaging external experts as chief information security officers (CISOs) in other
security roles to optimise the costs of hiring and training. Additionally, there is scope to leverage existing resources
in cross-functional teams to build extended teams and support security requirements during critical situations.
Security teams in organisations spend a lot of time performing low-intelligence routine tasks. Also, most
organisations do not have centralised security teams, leading to a disintegrated view of the organisational security
landscape. Organisations need to move away from such siloed processes for security management and gradually
shift towards a more cohesive approach, with automation as the basis of security processes and operations
management.
Automation technologies help in decreasing the administrative burden related to manual handling of certain aspects
of security processes. Leveraging these technologies as the foundation for managing security processes will not
only optimise the effort and resources required for maintaining cyber security across organisations, but also help in
reducing the overall error rates and associated security risks.
Security technology optimisation is the quickest Today, it is imperative for organisations to look at
method to optimise cyber security for an organisation. their security technology stack holistically to enhance
Typically, organisations have focused on creating security and optimise resources.
multiple layers of security and using a combination of Many organisations have invested in multiple security
security products, design principles, manual controls technologies, some of which have overlapping features.
and routine checks to manage their overall security This happens as some new-generation technologies
posture. combine the multiple features provided by
Organisations that have been on the cyber security traditional technologies. For example, next-generation
journey for a significant period of time will understand firewalls have capabilities such as intrusion prevention,
the need to regularly take stock of their security stack. URL filtering and application control, along with features
Security tools and solutions have a tendency to overlap provided by traditional firewalls.
or remain underutilised if left unchecked. Organisations can enable additional features and
Additionally, organisations have approached cyber functionalities in their existing security set-up to
security in a piecemeal fashion by adding technologies provide additional security coverage. For example,
to their set-up whenever they felt it was necessary to threat intelligence feeds can be enabled in next-
fill certain point-in-time security gaps, overlooking the generation firewalls, security incident and event
overall security posture. management (SIEM) tools and anti-advanced persistent
threat (APT) systems to provide contextual information
Further, organisations consider established commercial
on security events.
off-the-shelf (COTS) products for their security
requirements and do not generally consider other Organisations can also look at implementing open-
options, including open source/domestically produced source security solutions as well as light-weight
security tools, that may provide the desired level of start-up security solutions and services that provide
security contextualised to the threat landscape. the desired level of security at optimised costs.
Given the aforementioned considerations, there is
a huge opportunity for organisations to optimally
leverage security technologies.
Cyber security services have traditionally been built Organisations can leverage third-party security
on-premise and their service provisioning operates services across multiple areas, including governance,
on a fixed-cost model. However, this can lead to implementation, operations and compliance, to
unnecessary cost overruns. implement the security as a service (SaaS) model.
Organisations may also consider implementing
Pay for what you need innovative cost-optimisation models that allow them to
pay on the basis of the number of security components
Fixed costs are easier to budget for since they remain handled/assessments done/incidents resolved.
constant during a year. However, with evolving business
landscapes and shifting operational priorities, security Similarly, organisations can leverage cloud-based
organisations should strive to identify linkages between security solutions that enable security teams to deploy
business functions and related security services. This a cloud layer over the existing IT landscape, allowing
will enable them to move to a variable cost model and services, including user identity management, security
successfully mitigate increasing budgetary constraints. monitoring and incident management, to be centrally
delivered. The service requirements can be increased or
Cyber security activities such as monitoring a 24x7 decreased, allowing for subsequent cost optimisation.
security operations centre are already being outsourced
to enable variable cost models that help organisations Organisations can also look at outsourcing or
moderate their security spending. The current crisis offshoring security operations to low-cost locations
has also triggered a need to relook at how day-to-day to optimise associated costs.
security operations, administration and management
activities can be carried out by leveraging third-party Given the above background, organisations should
managed security service providers. rethink their expenditure on cyber security operations
and move towards a managed services model for not
only security monitoring, but also day-to-day security
administration and operational activities.
To be able to optimally secure organisations against Additionally, virtual security teams can be hired as a
emerging threat landscapes, it is important for security service to provide security expertise and support that
teams to have relevant skill sets and be agile and are not uniformly required throughout the year but only
multifaceted. Security teams need to be experts in core when the need arises.
security skill sets and swiftly develop skill sets required The recent trends in security services have also
for newer and emerging technologies. seen a large number of security experts moving to
Considering the shortage of skilled cyber security freelance positions. Organisations can use a resource
professionals in the industry, security functions of marketplace to onboard and hire freelancers who can
organisations face their own set of challenges. The provide various security services and expertise.
increased economic pressure on security functions has Organisations can also carry out training programmes
made it difficult for them to recruit high-skilled subject for reskilling and upskilling existing resources to
matter experts (SMEs). cater to security requirements. This will not only allow
Further, many security skills are not required throughout organisations to meet security demands, but also
the year but are largely point-in-time requirements, enable them to remain updated on the latest security
making it more difficult for organisations to maintain skills. Further, they may also leverage internal teams
dedicated and large security teams. across functions through cross-skilling to cater to
Organisations now need to go beyond the traditional peak requirements in cyber security.
structure of security teams to include the latest trends in These approaches can help organisations create a
cyber security. leaner and agile security team for managing different
Governing and managing enhanced threat landscapes aspects of their cyber security.
using both traditional and emerging technologies
may require skill sets that are not available within
organisations. Under such circumstances, they
can appoint a CISO as a service from established
security agencies for required security oversight and
governance.
Contact us
pwc.in
Data Classification: DC0 (Public)
In this document, PwC refers to PricewaterhouseCoopers Private Limited (a limited liability company in India having Corporate
Identity Number or CIN : U74140WB1983PTC036093), which is a member firm of PricewaterhouseCoopers International Limited
(PwCIL), each member firm of which is a separate legal entity.
This document does not constitute professional advice. The information in this document has been obtained or derived from sources
believed by PricewaterhouseCoopers Private Limited (PwCPL) to be reliable but PwCPL does not represent that this information is
accurate or complete. Any opinions or estimates contained in this document represent the judgment of PwCPL at this time and are
subject to change without notice. Readers of this publication are advised to seek their own professional advice before taking any
course of action or decision, for which they are entirely responsible, based on the contents of this publication. PwCPL neither accepts
or assumes any responsibility or liability to any reader of this publication in respect of the information contained within it or for any
decisions readers may take or decide not to or fail to take.