Want to be a CISO? Being technical is just one of the requirements
As data breaches’ financial and reputational costs continue to reach new heights, cybersecurity should be on top of mind for leadership across every industry.
Recent Proofpoint research found that 65% of board members believe their organization is at risk of material cyber attack in the next 12 months. Worryingly, 47% feel their organization is unprepared to cope with a targeted attack.
In this Help Net Security interview, Chris Konrad, Area Vice President of Security, Global Accounts at World Wide Technology, offers advice to CISOs that are increasingly under pressure, discusses using a security maturity model, discusses interesting security technologies, and more.
What advice would you give to a newly appointed CISO that strives to improve security strategy?
CISOs can no longer focus strictly on developing technical capabilities and protecting their organizations. Executives and boards are looking to CISOs to make investments that drive growth with a holistic security framework.
First, every CISO needs to know what their board’s mission and vision are, as well as what their risk appetite and tolerance are. You can’t secure what you can’t see. No security program can fully eliminate risk or human error, but a mature approach to cybersecurity can mitigate the risks that pose the most danger to organizational objectives and success.
The next step is conducting a comprehensive cybersecurity program assessment to know at what level of risk you are operating. This type of analysis provides rich insights that can be actioned to increase your security program maturity. This analysis also helps to maximize the use of people, processes and technology to reduce risk and increase efficiencies.
Risk management should be a C-suite priority because it is one of the single most important determinants of business value realization. Risk management is the system by which an organization’s portfolio is directed and controlled.
How can an organization leverage a security maturity model to assess its current infosec position?
A security maturity model can help CISOs measure, communicate and visualize improvements and investments in the security program. There are many different maturity models available to help you measure a security program. One I like is the Capability Maturity Model Integration (CMMI), a process improvement maturity model for the development of products and services, developed and published by the Software Engineering Institute of Carnegie Mellon University in Pittsburgh.
Using CMMI in combination with the National Institute of Standards and Technology (NIST), an organization can have one axis measuring people, process and technology and the other axis measuring maturity from nonexistent capability to optimized.
Of course, there is not a one-size-fits-all approach – so security teams must also work with the business to understand what is key to success, and ultimately, growth.
What cybersecurity technologies are you excited about? What can make a difference in this fast-paced threat landscape?
Most organizations are doing some form of tools rationalization or platform consolidation to get a better handle on their investments and reduce overlapping capability and spend. However, there are a few technologies that have caught my eye.
For me, I love seeing how AIOps can help organizations detect, assess and eliminate potential security vulnerabilities — before they are exploited by adversaries or those acting in bad faith. AIOps is starting to transform the way organizations tackle the complex cybersecurity ecosystem.
Innovative organizations, like Cribl, can receive machine data from any source and cleanse and enrich your data before routing it to any logging or SIEM platform, like Splunk, to reduce the total amount of data that needs to be managed. CrowdStrike is enhancing observability through modern log management with LogScale, which is built to ingest and retain streaming data as quickly as it arrives, regardless of volume. Alerts, scripts and dashboards are updated in real-time, and Live Tail and retained data searches have virtually no latency.
What are the biggest challenges the cybersecurity industry will face in the next five years?
Among the biggest challenges are that our adversaries are getting smarter, and they are leveraging much of the same technology that we use to defend ourselves. There is also a wider, and perhaps more concerning, issue around the shortage of skilled resources at a global level. Cybersecurity is one of the most important industries to safeguard our democratic value but more often than not, it’s seen as an overly technical, and therefore, not attractive career. We need to be shining the light on more routes into cyber roles and also accelerating diversity.
One area that’s often overlooked is identifying people within your organization and up-leveling them. Of course, those with earned experience have the hard skills to succeed, but I think an enthusiasm and drive to achieve is just as important. And by prioritizing STEM in early education, we further raise awareness of the field.
World Wide Technology employs thousands of professionals in the STEM fields across the globe and understands the urgency of supporting future tech leaders. WWT annually hosts its STEM Student Forum, an initiative dedicated to educating high school students on the importance of STEM disciplines and the opportunities they present, while also creating positive change in the St. Louis metropolitan area, where WWT’s global headquarters is located.