BreachExchange mailing list archives
CISO Imperatives in the Age of Digital Transformation
From: Destry Winant <destry () riskbasedsecurity com>
Date: Tue, 10 Mar 2020 09:07:07 -0500
https://www.cio.com/article/3530317/ciso-imperatives-in-the-age-of-digital-transformation.html Cybersecurity is primarily about input and output validation; ensuring that a program or application behaves as it is intended to. Interestingly, AI and machine learning is expected to transform the predictability of current data processes and traditional algorithms as they are designed to learn and improve, making their output unpredictable. It isn’t just AI – there are several different technology trends that are impacting cybersecurity. Given the changing dynamics, how can an enterprise assure security in its business? Cloud and Mobility Several businesses have migrated applications and data to the cloud, making it easier to access them from a variety of connected devices from anywhere and at any time. These connected devices have been used to orchestrate attacks on enterprises. Therefore, it is important to have a cloud strategy that includes security as its integral part. Secure Access Service Edge (SASE), is used to deliver converged enterprise network and security services from a globally distributed cloud service. It overcomes the cost, complexity and rigidity of loosely integrated and geographically bound point solutions. When combined with a global private backbone, SASE can also address WAN and cloud connectivity challenges. Zero Trust Zero Trust is a concept of not trusting anything in or around the perimeter and verifying all entities seeking to connect to its systems before granting access. Zero Trust offers effective security by leveraging various existing technologies and governance processes. It calls for enterprises to leverage micro-segmentation and granular perimeter enforcement based on user data to determine trust and access. Open Source With proliferation of open source, enterprises need to secure not just commercial software, but also invest in securing open source software. Every member in a connected ecosystem from vendors, services providers, practitioners to end consumers, needs to be secure. Any weak link can put the entire ecosystem at risk. Open source usage is increasingly seen in categories like cloud management, security, analytics and storage, which have historically been dominated by proprietary products. Some of the key emerging open source technologies are open source firewall, instantaneous server-less workloads, trustworthy AI, blockchain, quantum computing, etc. Fueled by open methodologies and peer production, employees from enterprises are contributing to open source communities and collaborating better, thus forcing management to rethink their strategies. 5G and IoT 5G next generation wireless technology will enable enhanced speed and performance, lower latency and better efficiency. It is expected to be broadly used for IoT communications and videos while controls/automation, fixed wireless access, high-performance edge analytics, and location tracking are the second tier uses for 5G-capable networks. 5G networks will support enormous number of connected devices thus creating a different threat landscape. Robots/Automation New-age organizations are deploying robots to perform menial tasks to improves efficiency. This throws up new challenges, such as securing the operating systems of these robots without impacting the consumer experience. Integration is a key aspect of automation and orchestration, that delivers efficiency with near zero errors. Integration with different solutions for the orchestration of playbooks, ensures quick action on tasks, especially in security operations. This supports rapid incident response, leading to the immediate containment of threats and faster resolution. Computing Power Experts predict quantum computing will become mainstream in the next decade. The security infrastructure must gear up to meet the new challenges that enhanced computing capabilities will bring. Security has traditionally managed enterprise data that was structured by default. Today, the enterprise approach to cybersecurity needs to evolve to accommodate data that exists in distributed, decentralized and fluid formats that are difficult to control and collate. As technology evolves, enterprises must take these fundamental steps to bolster their security: 1. Be Agile and Dynamic To achieve continuous delivery with improved productivity and better security assurance, it is essential to have close collaboration between development, security and operations teams. The DevSecOps concept meets the objective of merging the contrasting goals of rapid speed of delivery with deployment of highly secure software applications into one streamlined process, thus delivering secure applications within agreed timelines. This also helps enterprises identify vulnerabilities at an early stage of development and recognize opportunities for automation. 2. Built-in Versus Bolt-in Security cannot be treated as an afterthought post software implementation. Instead, it needs to be integrated into the system. It is important to define the problem accurately and think about it from a ‘secure by design’ perspective. If you cannot define, you cannot measure…and if you cannot measure, you cannot manage. Therefore, it is extremely important to define key performance indicators (KPIs). 3. Systems and Processes Having the required infrastructure and processes to store information in a structured retrievable format is crucial. Working on Excel sheets in individual systems creates weak spots. Putting everything into a system makes people more responsible and accountable and provides easy access to any information. 4. More Safety Nets While most security experts talk about the importance of defense in depth, it is also important to consider ‘depth in defense’ – such as ensuring different layers of control for a more effective security, even though it adds to the cost. 5. Empowered Teams Security teams need to have an insatiable curiosity and desire to learn. Encourage the team to ask questions and empower them to do the right thing without fear of retribution. Every team member needs to think like a CISO. Learning must be a continuous process including lessons from mistakes and failures. The current CISO models simply cannot scale. The fight against cybercrime is asymmetrical. While we need to investigate every threat, vulnerability and incident – the attackers need to get it right only once. The conversation must be about making cybersecurity a business enabler, about helping businesses seize new opportunities without jeopardizing safety. To match our attackers at each step, we need to look for an offensive approach to defense, to respond quickly to threats by making fundamental changes to the way we run our organizations. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- CISO Imperatives in the Age of Digital Transformation Destry Winant (Mar 13)