[BreachExchange] The CISO: How This Role Has Transformed In The Modern Cybersecurity World

Fri May 14 10:24:13 EDT 2021

https://www.forbes.com/sites/forbesbusinesscouncil/2021/05/12/the-ciso-how-this-role-has-transformed-in-the-modern-cybersecurity-world/?sh=77862692364c

With high-profile data breaches, changing times and critical cybersecurity
initiatives being vital to companies today, the role of the CISO — and by
extension, the SecOps team — is changing. What transformations are underway
with the role of both the CISO and SecOps teams due to current
cybersecurity threats?

Cyberthreats In Today's World

The world we live in today is full of very complex and challenging
cybersecurity threats, including data breaches, ransomware and security
management. With the onset of the Covid-19 pandemic, zero-day threats in
the form of ransomware and supply chain attacks have increased worldwide.
Cybercriminals have attempted to capitalize on the quick shift to the
remote workforce and the potential for lax security policies and standards.
Ransomware and other data breach events cost businesses millions of
dollars. IBM's Cost of a Data Breach Report 2020 (registration required)
found alarming statistics:

• The average cost of a data breach in the U.S. is $8.64 million.

• The average cost of a data breach worldwide is $3.86 million.

• It takes approximately 280 days to identify and contain a data breach

• Fifty-two percent of breaches are caused by a malicious attack.

The Traditional Role Of The CISO

What is a CISO, or chief information security officer? The CISO is the
executive responsible for the comprehensive information and data security
of the organization. To understand how the role of the CISO has evolved,
let's look at the traditional role of the CISO. In days gone by, the role
of the CISO has not been considered an essential role to the business. It
parallels the view of security in previous years.

While the CISO might have been invited to the board of directors' meetings,
traditionally, they have not been given the same voice as other board
members. This was primarily due to the early role of the CISO being highly
technical and not so much a business influencer. Cybersecurity and
proactive defense against cybersecurity attacks, including data breach and
ransomware, were not on the radar of business leaders.

The Evolving Role Of The CISO

How have CISO job duties morphed over the years? When you fast-forward to
today, the modern world of cybersecurity is a much different place than in
previous years. We now live in a world with significant data breach events
and large-scale ransomware attacks that cripple large organizations.
Consider:

• The SolarWinds and Microsoft supply chain attacks show that cyberthreats
are becoming extremely sophisticated.

• In 2020, 73% of all ransomware attacks were successful.

• In 2020, companies such as Garmin, Jack Daniel's and Carnival, among many
others, suffered from a major ransomware attack. Many of these companies
invest heavily in cybersecurity teams yet still suffered a data breach.

Cybersecurity is now no longer a technical issue that is only a concern of
IT operations. The business takes center stage with cybersecurity as the
security risks with today's technology-driven data processes can disrupt an
entire company for days, weeks or even permanently to an extent the
business never recovers.

How does this change the role of the CISO in modern enterprise
organizations? The CISO is now much more involved in the overall risk
management and business leadership of an organization. Now, a wise group of
C-level executives listens very closely to what the CISO and the CIO have
to say regarding cybersecurity initiatives and take cybersecurity risks and
threats seriously.

Skills Of Modern, Effective CISOs

The role of the CISO is no longer entirely about security. It must also
include being familiar with the business and tying security initiatives and
activities into the business. Security cannot be a blocker to the company
but rather an enabler. While CISOs no longer need to have expert knowledge
in a specific security area, this does not mean lowering the requirements
for CISOs. Instead, today, CISOs are expected to know more about many
security areas and have the "strategic big picture" and how it affects the
overall business.

Cybersecurity today has a direct bearing on business outcomes. Along with
having the technical understanding to develop and oversee cybersecurity
initiatives, CISOs must also communicate effectively with the board of
directors and senior management to effectively and cohesively make security
an integral and intrinsic part of the business.

The Evolving Role Of SecOps

What is SecOps? SecOps is a blend of two terms (security and operations)
that highlights IT operations processes, standards, policies and
technologies that keep business-critical data secure. SecOps personnel are
often at the front lines of the defensive mechanisms of most organizations
and perform tasks associated with incident response, perimeter security,
threat intelligence and network security.

Today, SecOps teams are pivoting from the defensive stance in years past to
a much more proactive, offensive role in the. Modern SecOps teams have to
stay ahead of the threat landscape and anticipate the moves of malicious
threat actors. Attempting to react to a cyberattack, such as a ransomware
attack using purely manual and reactive processes, is no longer effective.

In addition to the shift from defensive to offensive tactics, SecOps skills
must include a keen focus on cloud security skills. The onset of the
Covid-19 pandemic has accelerated cloud migration strategies and timelines.
I've observed that SaaS environments such as Google Workspace and Microsoft
Office 365 are popular among companies to empower remote workers. SecOps
teams must have the security skills of the various cloud platforms to
ensure business-critical data is not lost or leaked.

Wrapping Up

Due to the very sophisticated landscape of modern cyberthreats and many
successful zero-day attacks, the primary goal of the CISO is evolving. It
includes reducing the impact of modern security threats and preparing the
organization for a new way of zero-day attacks. In the end, this helps
companies reduce downtime and recovery costs. By using new tools such as
security automation, organizations can protect against these very
pinpointed attacks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210514/143a51e1/attachment.html>