[BreachExchange] CISO Imperatives in the Age of Digital Transformation
Destry Winant
destry at riskbasedsecurity.com
Tue Mar 10 10:07:07 EDT 2020
https://www.cio.com/article/3530317/ciso-imperatives-in-the-age-of-digital-transformation.html
Cybersecurity is primarily about input and output validation; ensuring
that a program or application behaves as it is intended to.
Interestingly, AI and machine learning is expected to transform the
predictability of current data processes and traditional algorithms as
they are designed to learn and improve, making their output
unpredictable. It isn’t just AI – there are several different
technology trends that are impacting cybersecurity. Given the changing
dynamics, how can an enterprise assure security in its business?
Cloud and Mobility
Several businesses have migrated applications and data to the cloud,
making it easier to access them from a variety of connected devices
from anywhere and at any time. These connected devices have been used
to orchestrate attacks on enterprises. Therefore, it is important to
have a cloud strategy that includes security as its integral part.
Secure Access Service Edge (SASE), is used to deliver converged
enterprise network and security services from a globally distributed
cloud service. It overcomes the cost, complexity and rigidity of
loosely integrated and geographically bound point solutions. When
combined with a global private backbone, SASE can also address WAN and
cloud connectivity challenges.
Zero Trust
Zero Trust is a concept of not trusting anything in or around the
perimeter and verifying all entities seeking to connect to its systems
before granting access. Zero Trust offers effective security by
leveraging various existing technologies and governance processes. It
calls for enterprises to leverage micro-segmentation and granular
perimeter enforcement based on user data to determine trust and
access.
Open Source
With proliferation of open source, enterprises need to secure not just
commercial software, but also invest in securing open source software.
Every member in a connected ecosystem from vendors, services
providers, practitioners to end consumers, needs to be secure. Any
weak link can put the entire ecosystem at risk. Open source usage is
increasingly seen in categories like cloud management, security,
analytics and storage, which have historically been dominated by
proprietary products.
Some of the key emerging open source technologies are open source
firewall, instantaneous server-less workloads, trustworthy AI,
blockchain, quantum computing, etc. Fueled by open methodologies and
peer production, employees from enterprises are contributing to open
source communities and collaborating better, thus forcing management
to rethink their strategies.
5G and IoT
5G next generation wireless technology will enable enhanced speed and
performance, lower latency and better efficiency. It is expected to be
broadly used for IoT communications and videos while
controls/automation, fixed wireless access, high-performance edge
analytics, and location tracking are the second tier uses for
5G-capable networks. 5G networks will support enormous number of
connected devices thus creating a different threat landscape.
Robots/Automation
New-age organizations are deploying robots to perform menial tasks to
improves efficiency. This throws up new challenges, such as securing
the operating systems of these robots without impacting the consumer
experience.
Integration is a key aspect of automation and orchestration, that
delivers efficiency with near zero errors. Integration with different
solutions for the orchestration of playbooks, ensures quick action on
tasks, especially in security operations. This supports rapid incident
response, leading to the immediate containment of threats and faster
resolution.
Computing Power
Experts predict quantum computing will become mainstream in the next
decade. The security infrastructure must gear up to meet the new
challenges that enhanced computing capabilities will bring. Security
has traditionally managed enterprise data that was structured by
default. Today, the enterprise approach to cybersecurity needs to
evolve to accommodate data that exists in distributed, decentralized
and fluid formats that are difficult to control and collate.
As technology evolves, enterprises must take these fundamental steps
to bolster their security:
1. Be Agile and Dynamic
To achieve continuous delivery with improved productivity and better
security assurance, it is essential to have close collaboration
between development, security and operations teams. The DevSecOps
concept meets the objective of merging the contrasting goals of rapid
speed of delivery with deployment of highly secure software
applications into one streamlined process, thus delivering secure
applications within agreed timelines. This also helps enterprises
identify vulnerabilities at an early stage of development and
recognize opportunities for automation.
2. Built-in Versus Bolt-in
Security cannot be treated as an afterthought post software
implementation. Instead, it needs to be integrated into the system. It
is important to define the problem accurately and think about it from
a ‘secure by design’ perspective. If you cannot define, you cannot
measure…and if you cannot measure, you cannot manage. Therefore, it is
extremely important to define key performance indicators (KPIs).
3. Systems and Processes
Having the required infrastructure and processes to store information
in a structured retrievable format is crucial. Working on Excel sheets
in individual systems creates weak spots. Putting everything into a
system makes people more responsible and accountable and provides easy
access to any information.
4. More Safety Nets
While most security experts talk about the importance of defense in
depth, it is also important to consider ‘depth in defense’ – such as
ensuring different layers of control for a more effective security,
even though it adds to the cost.
5. Empowered Teams
Security teams need to have an insatiable curiosity and desire to
learn. Encourage the team to ask questions and empower them to do the
right thing without fear of retribution. Every team member needs to
think like a CISO. Learning must be a continuous process including
lessons from mistakes and failures. The current CISO models simply
cannot scale.
The fight against cybercrime is asymmetrical. While we need to
investigate every threat, vulnerability and incident – the attackers
need to get it right only once. The conversation must be about making
cybersecurity a business enabler, about helping businesses seize new
opportunities without jeopardizing safety. To match our attackers at
each step, we need to look for an offensive approach to defense, to
respond quickly to threats by making fundamental changes to the way we
run our organizations.
More information about the BreachExchange
mailing list