In a time of unprecedented state-sponsored cyber attacks targeting critical infrastructure, we look to CISOs for guidance in identifying the most urgent priorities for enterprise cybersecurity to focus on.
The Cybersecurity Collaborative and Cybersecurity Collaboration Forum polled more than 650 CISOs and developed a list of key issues that earned their attention. Below is a snapshot of critical priorities – from malware, ransomware and cloud security to IT skills shortage and expanding security awareness programs – that are concerning CISOs today.
1. IT Skills Shortage
The DevOps model is dedicated to automating and integrating IT and software development functions, while DevSecOps extends it by embedding security as a priority and a shared responsibility throughout the development lifecycle. Cited as ‘critical’ or ‘important’ by CISOs, DevOps and DevSecOps topped the rankings for “must-have processes and frameworks” for enterprise IT staff.
The next most important operating models, according to CISOs, are agile practices, site reliability engineering (SRE), design or system thinking, and the IT Infrastructure Library (ITIL). Topping the equally long list of ‘must-have technical skills’ is demonstrable knowledge of cloud computing technologies, followed by container orchestration, modern computing technology and architectures, and application technologies.
Nearly everyone in the industry says they can’t find candidates with the above qualifications to fill the jobs that need doing in security departments and security operations centers. In fact, according to Cyberseek, the number of unfilled cybersecurity positions is close to 600,000. Despite the challenges, the industry keeps trying by opening more training opportunities.
2. Malware/Ransomware Security
A staggering 78% of people stop engaging with a brand online following a data breach. While a business can still recover from the financial damage caused by ransomware-induced downtime, rebuilding its reputation and regaining the trust of customers is a long, tedious and, more often than not, futile process. This is one of the main reasons why businesses abstain from reporting a ransomware breach.
While there isn’t a 100% fail-safe strategy to avoid cybersecurity attacks such as ransomware, CISOs agree that businesses can certainly demonstrate a stronger commitment to preventing security breaches and data loss incidents. Adopting an inclusive approach that combines cybersecurity and compliance practices is a step in the right direction.
3. Cloud Security
CISOs are focused on the security challenges that come with the dramatic shift to the cloud during the COVID-19 pandemic. A report by SC’s Valtix found 95% of IT leaders say Log4Shell was a “wake-up call” for cloud security, changing it permanently. As a result, 87% now feel less confident about their cloud security than they did prior to the incident.
IT leaders are looking to AI and ML to enhance cloud security by identifying vulnerabilities like Log4Shell, which attackers use to infiltrate computer systems and shut down access to critical data. AI can also single out threats with longer-term effects, such as leaking customer data, warning business leaders of potential damage to the reputation before it happens.
AI-enabled security tooling has visibility into everything, allowing SOC teams to focus their critical thinking on anticipating harmful behavior in the system. If an activity is found to be anomalous or to exceed a threshold defined by the AI, an alert is sent to IT security staff detailing the threat, the impact on business continuity, and the actions to be taken.
4. Zero Trust
CISOs are also focused on integrating zero-trust principles across their enterprise and hybrid cloud networks. The challenge is that there is little knowledge of, much less adoption of, zero-trust security policies in the business landscape. SC Media reported that only 35% of security pros say they are “very familiar” with zero trust.
A zero-trust policy is a security framework in which all users, both inside and outside an organization’s network, are required to be authenticated, authorized, and validated for security configuration before being given access to data and applications.
Developing a zero-trust environment isn’t just about layering individual technologies such as multi-factor authentication, advanced permissioning and micro-segmentation. It’s about using these technologies to enforce the principle that no one is granted access until they have proven worthy of trust.
5. Endpoint Protection
CISOs are confronted with the difficult challenge of upgrading to next-gen endpoint security solutions. According to the latest Endpoint Security Report, 46% of cybersecurity professionals believe that many installed legacy security products are failing to stop an increasing number of evolving threats. Interestingly, 41% of respondents believe that while they have solid tools and processes in place, threats are still slipping through their defenses.
Implementing a strong endpoint protection strategy requires a comprehensive, all-encompassing approach. The security threats that organizations face increase in sophistication and frequency all the time, and simple antivirus software, a firewall, or basic network segregation alone won’t cut it. The key to digital asset protection is a holistic and integrated management solution that enables total data visibility, response, and remediation.
CISO-as-a-Service: Strategic Security Within Your Reach
Cybersecurity is ever evolving, and having a professional on the team with key experience and insight is crucial. No matter which industry you are in, cyberattacks are on the rise and are impacting customers and businesses alike.
To keep ahead of these cyberattacks, many companies are looking to build out an in-house cybersecurity team. However, not every business owner can afford the resources needed to get such a team up and running in-house.
Finding and hiring a full-time Chief Information Security Officer (CISO) with the necessary experience can be challenging for organizations of all sizes. The right resource is critical to an organization’s security resilience and ensuring the organization maintains regulatory compliance.
UDT offers a unique service to the cybersecurity field: Chief Information Security Officer as a Service (CISOaaS). This service provides a client with the necessary expertise to navigate the changing cybersecurity landscape without needing to hire an entire team.
What are some of the benefits of CISOaaS?
- No need to hire someone full-time
- Leverage expertise from a pool of former CISOs
- Provide oversight and management of day-to-day activities
- Provide insight on reporting and cyber events
- Fill gaps in key strategic security components