Why Your Business Needs Cybersecurity More Than Ever? In today's hyper-connected digital world, cybersecurity is no longer a...
 
														 
														Why Your Business Needs Cybersecurity More Than Ever? In today's hyper-connected digital world, cybersecurity is no longer a...
 
Worried about being a target for phishing attacks? Protect your company today!
 
														Understand the Holiday Season Cyber Threats The holiday season is a time for joy, celebration, and generosity. However, this...
 
Cybercriminals steal credit card? Cybercriminals have various methods at their disposal to hack and exploit credit card...
 
While home health agencies face distinct health IT challenges, collaboration and innovation are crucial for overcoming these...
This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks.
By: Craig Stedman, Industry Editor Published on TechTarget : 23 Jul 2024
Effective cybersecurity is crucial to businesses — and it’s becoming even more important as digital transformation initiatives, cloud computing, remote work and the use of AI technologies expand in organizations. Those trends make IT networks and systems, and the data they contain, more vulnerable to cybersecurity threats that can harm business operations, inflict substantial costs and damage a company’s reputation.
Malicious attackers are increasingly targeting systems and applications that aren’t properly protected. For example, in an annual survey of cybersecurity professionals conducted in 2023 by the professional association ISACA, 38% of the 2,178 respondents said their organization was experiencing an increase in attempted cyberattacks — larger than the percentages that said they were seeing the same number (31%) or fewer attacks (11%). Also, only 42% said they were completely or very confident in their cybersecurity team’s ability to detect and respond to threats.
As a result, it’s no surprise that many organizations are increasing their investments in cybersecurity. Gartner projected that spending on information security will total $184 billion worldwide in 2024, up 13.4% from $159 billion in 2023. In a survey on 2024, IT spending plans done by TechTarget’s Enterprise Strategy Group research division, 68% of 482 respondents involved in cybersecurity efforts said their organization expected to increase spending on cybersecurity technologies year to year. That topped the list of planned spending increases for all of the different technologies in the survey.
But spending all that money wisely is a must. To help with that, this comprehensive guide to cybersecurity planning explains what cybersecurity is, why it’s important to organizations, its business benefits and the challenges that cybersecurity teams face. You’ll also find an overview of cybersecurity tools, plus information on cyberattacks to be prepared for, cybersecurity best practices, developing a solid cybersecurity plan and more. Throughout the guide, there are hyperlinks to related TechTarget articles that cover the topics more deeply and offer insight and expert advice on cybersecurity efforts.
At heart, cybersecurity is protecting IT networks, systems, applications and data from attacks, intrusions and other cyber threats. Those threats mostly come from external attackers, but some cybersecurity incidents involve employees and other insiders who act maliciously or inadvertently cause security problems. In its most recent annual report on data breaches in businesses, released in May 2024, Verizon said 35% of the 10,626 breaches it investigated for the report involved internal actors.
 
Cybersecurity programs incorporate a variety of processes and tools designed to help organizations deter, detect and block threats. They’re typically run by a cybersecurity department or team that’s led by the CISO, the CSO or another senior executive. However, a maxim among security professionals is that everyone in an organization is responsible for information security.
That makes building a strong cybersecurity culture through organization-wide security awareness and employee training vital to successful programs. Security teams need to do things such as promote individual responsibility and accountability for cybersecurity and encourage collaboration between different departments on security planning. Taking a human-centric approach to the cybersecurity program is another recommended step. For example, puzzles, games, simulations and role-playing can make the training process less of a grind for people. “Your activities will need to be creative and impactful to resonate with the fatigued audience and motivate them to behave securely,” Jinan Budge, a principal analyst at Forrester Research, wrote in a July 2023 blog post.
Weak or faulty cybersecurity protections can result in serious business problems. Data breaches that give attackers access to customer records and other sensitive information are a high-profile consequence of network intrusions and attacks. The following are some prominent examples:
In addition to potential lost business because of bad publicity and damaged customer relationships, such incidents can have a tangible financial impact. The average cost of breaches at 553 organizations worldwide between March 2022 and March 2023 was $4.45 million, according to IBM’s “Cost of a Data Breach Report 2023.” In some cases, the tab can be much higher. For example, as part of a settlement with U.S. agencies and state governments, consumer credit rating agency Equifax agreed in 2019 to pay up to $700 million in fines and restitution to victims of a data breach two years earlier that affected 147 million people in the U.S.
Other types of attacks directly aim to extract money from organizations. In particular, ransomware attacks — in which attackers encrypt data files and then demand payments to decrypt them, or just threaten to sell or publicly disclose stolen data if a payment isn’t made — are now one of the most prevalent cyberthreats. In a 2024 survey commissioned by security software vendor Sophos, 59% of the 5,000 IT and cybersecurity leaders who responded said their organization was hit by a ransomware attack during the previous 12 months. The average ransom payment listed by respondents who said what their organization paid was just under $4 million, while estimated recovery costs averaged $2.73 million for all the attacked organizations.
Again, the cost can be significantly more than that for some organizations. MGM Resorts International estimated that a September 2023 ransomware attack would cost it $100 million, although its cyber insurance policy was expected to cover the full amount. Caesars Entertainment was hit by a similar attack at the same time and paid $15 million in ransom, according to The Wall Street Journal.
Distributed denial-of-service (DDoS) attacks that shut down websites and other online systems are also often used to try to get companies to pay money to the attackers.
The biggest benefit that a strong security posture provides is the ability to avoid business problems. Organizations can continue to operate smoothly without any disruptions or financial hits from attacks enabled by lax cybersecurity. Security teams should track various metrics on cybersecurity — such as detected intrusion attempts, incident response times and performance comparisons against industry benchmarks — to help show business executives and board members how security initiatives contribute to that outcome.
Effective cybersecurity efforts can also pay off more broadly by helping companies achieve their strategic and operational goals. In addition to preventing data breaches and other attacks, building a sustainable cybersecurity program helps support an organization’s business objectives, including the environmental, social and governance initiatives that have become priorities in many companies.
Cybersecurity is inherently challenging — and even what appears to be a well-designed strategy can be undone by a single weak point. Another maxim among security professionals is that they need to stop all attacks from being successful, while attackers only need to break through an organization’s defences once. In trying to prevent that from happening, the challenges that cybersecurity teams face include the following:
Increasing enterprise use of AI in general and generative AI in particular also creates new cybersecurity concerns. For example, end users might inadvertently enter sensitive data into a GenAI tool such as ChatGPT, which could then expose the data to competitors or attackers. In addition, AI applications pose regulatory compliance risks and could enable data poisoning attacks that affect the behavior of AI models, among other issues. Organizations must now factor management of AI and GenAI security risks into their cybersecurity programs.
Another approach is outsourcing some or all cybersecurity operations to a managed security service provider (MSSP) to reduce costs and offload the challenges and complexities. The potential benefits of cybersecurity outsourcing also include increased reliability, faster deployment of new technologies, better access to security skills and more. Outsourcing can be extended to include information security leadership responsibilities through CISO as a service offerings. But there are possible drawbacks to consider. For example, an MSSP might not fully grasp an organization’s culture and needs, and managed services might not produce the expected cost savings if the relationship is ineffective.
The cybersecurity technologies that security experts have said organizations should consider using to meet today’s challenges of protecting networks and systems include the following:
That’s in addition to widely used technologies such as antivirus software, firewalls, virtual private networks (VPNs) and tools that support access control, email filtering, data encryption, network security monitoring, intrusion prevention, vulnerability management, penetration testing and other cybersecurity functions. The available tools include a plethora of free cybersecurity software options that organizations can use in addition to or as an alternative to commercial software products.
The Mitre ATT&CK framework, a free knowledge base that documents the behaviors and tactics of threat actors, can also help security teams strengthen their defenses against attacks. Programming languages are important components of the cybersecurity toolkit too. Team members should understand the potential cybersecurity uses of key programming languages and learn the ones they need to know to do their jobs.
In addition to financial gains from stolen bank account and credit card numbers, ransom payments and intellectual property theft, cyberattacks can aim to disrupt the operations of targeted organizations or be a form of protest against government and corporate policies. One of the complicating factors in preventing them is that there also are many different types of attacks to guard against.
The following are some of the most common — and potentially damaging — ones:

Other common cyber threats include man-in-the-middle attacks, in which messages between two parties are intercepted and relayed; URL interpretation and poisoning attacks that modify the text of URLs to try to access information; DNS spoofing to send users to fake websites; DNS tunneling that uses malicious data in messages to evade security controls; watering hole attacks that embed malicious code in legitimate websites; eavesdropping attacks, which capture data from poorly secured communications traffic; and birthday attacks, a brute-force technique that can enable attackers to obtain encryption keys and user credentials.
Cybersecurity plans should also incorporate the possibility of an advanced persistent threat (APT), an attack that aims to maintain access to a network for an extended period without being detected. APT attacks are designed to steal sensitive data on an ongoing basis and typically are carried out by well-funded cybercrime groups, often ones controlled or sponsored by national governments.
These are some best practices for cybersecurity teams to help ensure that their organization isn’t victimized by cyberattacks:
On the last item, security awareness programs can be a waste of time if they’re just a box-checking exercise — a short presentation repeated annually, for example. Instead, cybersecurity training for employees should include engaging content and materials and be updated regularly to include information on new threats and operational requirements.
An ongoing security awareness program is also a must because of the increased number of people working from home in many organizations. Additional best practices on managing cybersecurity for remote workers include implementing VPNs and other fundamental security controls for them, strengthening data security and protection policies, and analyzing user behavior to help identify suspicious activities.

In addition, a cybersecurity initiative should have a defined process for managing the attack surface in an organization. The process should include continuous mapping and monitoring of the attack surface, plus automation of data classification and protection measures. As part of attack surface management, security teams also commonly think like attackers to help identify potential points of attack in IT systems. An incident response plan that details what to do when attacks happen is another important element of a cybersecurity program.
A strong program for governing cybersecurity efforts is required too. Effective cybersecurity governance will help ensure that everyone in an organization is working toward common goals and adhering to the organization’s security policies and procedures.
The planning process should start with a cybersecurity risk assessment that identifies key business objectives, essential IT assets for achieving those goals and potential cyberattacks — as well as how likely the attacks are to occur and what kinds of business impacts they could have. The following five-step process can be used to assess cybersecurity risks:
Next, an organization can move on to developing a cybersecurity strategy, which should be a high-level plan for the next three to five years — although such strategies often must be updated sooner than that. Strategy development steps include understanding the threat landscape, assessing your current and desired cybersecurity maturity levels, deciding what to do to improve cybersecurity and documenting specific plans, policies, guidelines and procedures. The strategy should cover all aspects of cybersecurity, also including communications security, or COMSEC, measures designed to protect telecommunications systems.

An effective security plan also requires a budget, of course. In creating a cybersecurity budget, CISOs and other security leaders should allocate sufficient resources to different aspects of the security process, including compliance, training and ongoing risk assessments, while also ensuring that security programs can support new business initiatives and changes in business priorities.
As mentioned above, one of the biggest trends affecting cybersecurity is the increase in remote work. That was already an issue before the COVID-19 pandemic significantly accelerated the shift to working from home, and it’s an ongoing concern for cybersecurity teams, despite efforts by many companies to bring workers back to the office. In a list of top cybersecurity trends in 2024, Gartner cited the expanded attack surfaces that have resulted partly from the growing ranks of remote workers as a driver for organizations to implement continuous threat exposure management programs. That’s a concept it first outlined in 2022 for more closely aligning cybersecurity efforts with business operations and objectives.
Other trends that are shaping future cybersecurity needs and challenges include the following items:
Increased adoption of secure access service edge technology — better known by its acronym, SASE — and security operations centers are also among the expected trends in cybersecurity, as are emerging measures to help organizations defend themselves against possible attacks driven by quantum computing. Another emerging concept is a cybersecurity mesh architecture, also outlined by Gartner, that applies a multilayered approach to help manage security in complex IT environments.
According to a July 2023 research report published by Enterprise Strategy Group and Information Systems Security Association (ISSA) International, a combined 71% of 301 surveyed ISSA members said their organization was being somewhat or significantly affected by the shortage of skilled cybersecurity professionals. Only 5% reported that the skills gap had improved over the past two years, and 54% said it got worse.
Steps that can help mitigate the problem include recruiting new workers from groups of people who are underrepresented in IT now, building skills in-house and better supporting existing security staffers so they’re less likely to take another job.

The ongoing skills shortage does mean there are lots of job opportunities for both current and prospective cybersecurity workers. Some of the most in-demand cybersecurity positions in organizations include cybersecurity engineers, security analysts, network security architects, security software developers and penetration testers. ISSA has mapped out a five-step career path in cybersecurity that includes those positions and others, culminating at the security leader level.
The key skills for cybersecurity professionals to possess — and that organizations should look for in job candidates — include a combination of technical skills and soft skills such as creativity and effective communication. Applicants should also be prepared to answer common cybersecurity job interview questions, including why they want to pursue a career in the field and what aspect of it interests them the most.
Experienced cybersecurity professionals looking to advance their careers, and new workers hoping to get into the field can bolster their skill sets and résumés by obtaining certifications offered by various industry groups and IT vendors. The top cybersecurity certifications that are available include a combination of entry-level and security management ones, as well as advanced technical programs for penetration testers, ethical hackers and other positions.
Cybersecurity For Business
Online courses are another avenue for bolstering cybersecurity knowledge and skills. A large number of free and paid cybersecurity courses are offered by courseware providers, industry groups, academic institutions and U.S. federal agencies.
Craig Stedman is an industry editor who creates in-depth packages of content on business intelligence, analytics, data management and other types of technologies for TechTarget Editorial.
Stay Safer, One Email at a Time: Introducing Our New AI-Powered Email Scanner In today's rapidly evolving digital...
Why Your Business Needs Cybersecurity More Than Ever? In today's hyper-connected digital world, cybersecurity is no...
Worried about being a target for phishing attacks? Protect your company today!