[BreachExchange] Bringing People And Technology Together Will Help Us Win The Cyber Battle
Destry Winant
destry at riskbasedsecurity.com
Thu Jan 31 05:57:33 EST 2019
https://www.forbes.com/sites/jameshadley/2019/01/28/brining-people-and-technology-together-will-help-us-win-the-cyber-battle/#2458e4d91b67
Not one day into 2019 and the year’s first data breach was reported by
the Victoria Premier’s Department in Australia, and a couple of days
later a truckload of high-profile German politicians and other
individuals found their personal data had been leaked on Twitter.
Seven days into the New Year and I have no doubt cybersecurity
professionals are already exhausted at the prospect of what the next
53 weeks of 2019 hold.
Cybersecurity is frequently referred to as a ‘cat and mouse’ game and
while it’s certainly true that the white hats frequently struggle to
keep up with the innovation of black hats, the way that we’ve
traditionally attempted to do so has left a lot to be desired. There’s no
doubt that technology has come a very long way in supporting security
professionals on the ever-growing battle-ground, but machines are only
half the battle. People are the rest.
That fact is unlikely to come as much of a shock to most people.
There’s enough talk about the dire skills gap in cybersecurity and the
need to recruit more people into the industry, but it goes further
than that. The way that we teach cyber skills hasn’t been updated in
years. Every six months or so, the security team gets shipped off to
London or another city to sit in a lecture theatre for days, listening
to a trainer explain the ‘latest’ threats and how to combat them. The
problem with this is two-fold. Firstly, it’s not a particularly
engaging way to learn – akin to in one ear and out the other.
Secondly, by the time these skills have been taught, cybercriminals
have moved on to their next thing and the lesson is out of date. It’s
really no wonder we can’t keep up.
On top of this, cybersecurity teams are bombarded by information on a
daily basis. In the last few years, threat intelligence tools have
become a key component of enterprise security strategies and, while
they provide invaluable insight into the latest attacks, security
teams often don’t know how to deal with the information they’re given.
This is leaving a gaping hole in most businesses’ defences, one that
can’t be plugged by more security tools.
Corporates are beginning to recognise that a drastic re-think is
needed, and intelligent security tools need to be combined with
real-time learning in order to have any hope of keeping on top of the
barrage of new threats emerging. There’s no doubt that there are some
incredible security tools available and threat intelligence has
fundamentally changed the organisation’s approach to security, but
this technology is only as good as the people using it.
So, what’s the answer? As Goldman Sachs’s CISO has put it, “continuous
training programmes are critical to meeting evolving cybersecurity
threats”. Organisations need to move away from sporadic training to
ensuring skills are kept up to date day-to-day in a way that will
engage security teams. It’s important that general skills are kept
up-to-date, but teams also need to know how to deal with emerging
threats. This means taking threat intelligence data and making
it actionable, running sessions as the information becomes available
to ensure there are no knowledge gaps.
We’re on the right path to make it more and more difficult for
cybercriminals to have their way. As more organisations realise the
value of continuous training and skills development, they will quickly
find a drastic improvement in their defences. Bringing people and
technology closer together will be the answer to fighting the
cybersecurity battle.