What's Hot

    What Can You Trust?

    May 7, 2025

    Build a Safer Jobsite with AI and Cameras

    May 7, 2025

    Women in Construction: PPE

    May 6, 2025
    Get your Copy Today
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    Connected WorldConnected World
    • SPM
    • Sustainability
    • Projects
    • Technology
    • Constructech
    • Awards
      • Top Products
      • Profiles
    • Living Lab
    Connected WorldConnected World
    Home»Peggy's Tech Blog»Create a Solid Cybersecurity Plan
    Peggy's Tech Blog

    Create a Solid Cybersecurity Plan

    Updated:November 20, 2023No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
    Share
    Facebook Twitter LinkedIn WhatsApp Pinterest Email

    Should you measure the maturity and performance of your security program? How often? A survey suggests 60% of CISOs (chief information security officers) measure their security programs at least once a month and 89% measure the maturity and performance of their full security program at least once each quarter. Let’s take a closer look at how they are measuring and evaluating potential threats.

    The report from Onyxia Cyber surveyed more than 200 CISOs across a wide range of industries in the United States and Canada. Aspects in the survey include evaluating what metrics CISOs are measuring and how they are assessing cyber risk across multiple areas, such as incident response, vulnerability patching, and phishing simulations, as well as the overall impact of various cyber risk-management strategies.

    The results from the survey are very enlightening. We see 33% of CISOs are not working toward a same-day MTTD (mean time to detect), and do not have an SLA to start working on mitigating risk within 8 hours of a breach.

    What about the time to respond? MTTR (mean time to respond) is an important KPI (key performance indicator) for all security teams, as the longer the dwell time of an attack, the more catastrophic its impact. The average MTTR CISOs report is 9 hours, with the IT industry being the fastest to respond to threats, in under 7.4 hours. The financial services industry, which many expect to be ahead of the curve in security, is actually at just over 9.3 hours.

    Patching vulnerabilities is a real challenge for the security industry. The average SLA for patching or resolving critical severity vulnerabilities is in the range of 16.3 days. The average SLA for patching/resolving high-severity vulnerabilities is considerably longer, at 22.1 days. This timeframe leaves the door wide open for evil doers to abuse vulnerabilities to attack organizations. We can see in the data that critical severity vulnerabilities are given priority, and therefore 75% are resolved within 21 days, compared with 48% of those that are high severity.

    Cybersecurity management platforms can help, as they provide security assessment and benchmarking, program performance, and streamlined board reporting.

    I spoke about the value of AI (artificial intelligence) in cybersecurity on The Peggy Smedley Show last week, saying how it can help protect organizations, while eliminating the administrative load of the security staff. As an example, Microsoft Security Copilot is an AI assistant for security teams that builds on the latest in LLM (large language models). In just a few short months, the technology is already helping customers save up to 40% of their time on core security operations tasks.

    While many recognize the advantage such technologies provide, what about small businesses? How can they still mitigate cybersecurity challenges on a tight budget? This is precisely what I talked about with Ally Armeson, executive director of programs, Cybercrime Support Network, on The Peggy Smedley Show this week. She walks through the biggest challenges that exist and how to mitigate them on a tight budget, all while pointing to how the emergence of generative AI can impact workers.

    At the end of the day, cybersecurity is perhaps one of the hottest topics of the year, mainly because it impacts every business in every part of the globe. Perhaps even more importantly, if it’s not one of your key areas of focus within your organization, it clearly needs to be. As we have outlined time and time again, if we want to protect our companies, we must measure our progress and prepare for a better and more secure tomorrow.

    Want to tweet about this article? Use hashtags #IoT #sustainability #AI #5G #cloud #edge #futureofwork #digitaltransformation #green #ecosystem #environmental #circularworld #cybersecurity

    5G AI Circular Circular World CISO Cloud Cybersecurity Digital Transformation Edge Featured Future of Work IoT Microsoft Onyxia Peggy’s Tech Blog Sustainability Sustainable Ecosystem Environmental Threats
    Share. Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email

    Related Posts

    What Can You Trust?

    May 7, 2025

    Build a Safer Jobsite with AI and Cameras

    May 7, 2025

    Women in Construction: PPE

    May 6, 2025

    Success Stories: Customized Sensors for Wildfire Prevention

    May 5, 2025

    The Rise of Prefab

    May 1, 2025

    Manufacturing in an Era of Digital Product Passports

    April 30, 2025
    Add A Comment

    Comments are closed.

    Get Your Copy Today
    2025 ASCE REPORT CARD FOR AMERICA’S INFRASTRUCTURE
    https://youtu.be/HyDCmQg6zPk
    ABOUT US

    Connected World works to expand quality of life and influence a sustainable future through digital transformation, innovation, and create opportunities all around.

    We’re accepting new partnerships and radio guests right now.

    Email Us: info@specialtypub.com

    4611 Hard Scrabble Road
    Suite 109-276
    Columbia, SC  29229

     

    Our Picks
    • What Can You Trust?
    • Build a Safer Jobsite with AI and Cameras
    • Women in Construction: PPE
    Specialty Publishing Media

    Questions? Please contact us at info@connectedworld.com

    Press Room

    Privacy Policy

    Media Kit – Connected World/Peggy Smedley Show

    Media Kit – Constructech

    Facebook Twitter Instagram YouTube LinkedIn
    © 2025 Connected World.

    Type above and press Enter to search. Press Esc to cancel.