Few organizations would describe cybersecurity as unimportant, yet their cybersecurity strategy often remains overlooked because it needs time and attention to design and implement.\n\nMaintaining cybersecurity involves the ongoing evolution of many complex processes. If your organization lacks a solid strategy, this complexity can quickly escalate out of control.\n\nA strategy that strikes the perfect balance between minimizing complexity and maximizing simplicity will lead to optimal security.\n\nAt NTT, we ask prospective clients about their overall strategy and maturity, and what they are looking to accomplish. Our security services have to integrate with what already exists in their environments, with a clear understanding of our duties as a managed service provider (MSP) and the responsibilities of their in-house security team.\n\nA cybersecurity strategy should be integrated across all parts of an organization. It is not an obstacle to overcome: it puts extra steps in place for certain actions, but all leaders and employees must understand that this serves to enable and protect the business. It does not prevent the business from accelerating, but rather it allows the business to accelerate safely.\n\nAn education-based approach says to employees: \u201cWe\u2019re not telling you what you can't do here. We\u2019re going to tell you what you can do, how you can do it safely, why it will help you and what the outcome is of having specific security goals and controls in place that align to your business strategy.\u201d\n\nMSPs and in-house teams have to partner with clients to paint these controls in a positive light to make security part of the solution, not a roadblock. \n\nHow to put a security strategy together\n\nA cybersecurity strategy should be centered on the NIST Cybersecurity Framework, compiled by the National Institute of Standards and Technology. The framework sets out the need to identify what you're protecting, followed by steps to protect, detect, respond and recover.\n\nSo, if you\u2019re concerned that your organization has fallen behind with cybersecurity, take a step back and look at the NIST framework first. Identify your critical assets, then decide how to protect those assets, and how to respond to and recover from attacks.\n\nDon\u2019t neglect response planning! If you\u2019re already in a weakened security state, it\u2019s more likely that you will have a realized risk event and be required to implement a response quickly. Speed is critical!\n\nThink about ransomware attacks, which can unfold in less than 30 minutes. If you\u2019re unable to respond equally fast, you need to position yourself to recover by quickly containing the activity and having an immutable backup solution in place, with processes to restore your data and systems before significant impact is experienced by the business. \n\nAt the highest level, your cybersecurity strategy should address people, processes and technology \u2013 in that order:\n\nMeasuring your success in cybersecurity\n\nOnce you start implementing your strategy, you need to measure your success over time. Metrics should strike a balance between complexity and simplicity; an overzealous approach would involve overdoing security metrics by simply recording everything, which results in too much noise to be useful. Decide on the story that you need and want to tell, and then work backwards to obtain the data and information needed to be able to tell that story. \n\nSome metrics are used internally by the security team only. Others are designed specifically for the executive team and relate to broader business outcomes. Then, there are metrics that help MSPs show their clients they are getting good value. All will tell different pieces of the story, with different purposes, to different audiences, but must also paint an overall cohesive and complete picture.\n\nKnow your adversary and their intent\n\nCyber threat intelligence is often used as a buzzword within our industry, but external and internal threat information and targeted metrics must come together to generate cyber threat intelligence that is actionable \u2013 which means timely, specific, accurate and relevant. If it's missing any of those pieces, then it's not actionable from a strategic, tactical or operational perspective, meaning that it probably can\u2019t be effectively used to make decisions committing valuable resources to undertake actions which will impact the organization. NTT curates actionable cyber threat intelligence on an ongoing basis and continually reassess the threat landscape and how it affects the interests and security posture of our clients.\n\nThe MITRE ATT&CK framework, a global knowledge base of adversary tactics, techniques, and procedures, helps us design indicators to determine key assets that may have been compromised, by detecting tell-tale signs of particular cyber threats. This, together with actionable cyber threat intelligence and threat hunting, allows us to effectively partner with clients to protect their environments and to detect and respond to adversarial activity as it occurs.\n\nThese indicators of compromise (IOCs) can become numerous and complex, so at NTT, we have platforms to automate assessment by analyzing the data and generating alerts fast enough to prevent an attack from being completed and limit any loss of data or impact thereof.\n\nRely on an expert for bespoke security assistance\n\nTo proactively identify and mitigate security threats, an experienced MSP will focus on your business needs instead of following a one-size-fits-all security approach.\n\nNTT\u2019s Managed Detection & Response (MDR), for example, is a lightweight alternative to a full-scope integrated security solution. It meets our clients\u2019 unique objectives and needs while providing a basic but highly effective level of security.\n\nOur clients still need in-house security functions, but MDR is a more cost-effective mode of protection than going it alone. It allows us to partner with our clients in a different capacity from a full-scope security offering but still apply all of our expertise.\n\nRead more about NTT\u2019s Managed Cloud Security Services.