For non-IT professionals, 2020 may live in infamy as the year of staying home, and “staying safe.” In cybersecurity, staying safe always drives major expenditures, new hires, and boardroom presentations, but even here, 2020 kicked things up a notch. Maintaining a strong cybersecurity posture was clearly a factor during the mad dash to enable a remote global workforce but wasn’t always center stage in making remote technologies work at an unprecedented scale.
Now, as we regroup and recoup, some things will keep changing as users stay remote long-term while others must get back to normal, or at least, basics.
Netenrich and its council of industry thought-leaders predict this year will bring a doubling down on fundamentals that prepares us to pivot, innovate, and anticipate whatever comes next. As such our suggestions for CISOs making New Year’s resolutions includes some obvious and not-so-obvious ways to set the stage for success (with or without our help).
Related Read | Future Of Work: A CEO’s View Of 2021
Our Top 10 suggestions are:
#1 Organize your toolbox to improve cybersecurity posture.
Do you have two or more tools doing basically the same thing? Jobs taking too long because you can’t find the right new tool? Is your SOC “work area” set up to make the most of every tool you own or rent?
The typical stockpile of 20 to 40 security tools that don’t integrate well represents a huge source of wasted time and effort, and a major chokepoint to rapid response. Take the time to assess your toolbox and arrange workflows to minimize repetition, crosstalk, silos, and the smothering barrage of disparate logs and alerts.
Streamlining tool complexity around best practices and end-to-end visibility goes a long way toward making your SOC more effective, and a better place to work. Not to mention letting you finally net full value from—and justify—those ongoing tool investments.
#2 Clean up your front yard.
Indulge us in a slightly strained metaphor: By “front yard,” we mean your company’s external digital attack surface—all those things hackers see (and you might not) that can be used to slip past your gateway and steal your stuff. Your digital presence includes domains and sub-domains associated with your brand, expiring certificates, code inadvertently left exposed in cloud-based repositories, vulnerabilities, misconfigurations, Shadow IT, and other things no one thought to lock up, throw out, or put away.
There are lots of ways to get this done from dedicating your own time and effort to paying landscaping crews—pen testers, Red Teams, attack surface management experts (ASM)—to help out. True ASM is continuous and rooted in ongoing intelligence. Good ASM features discovery, context, threat correlation, analyst insight and prioritization to help you address the riskiest risks first.
#3 Start cutting down.
Reduce vulnerabilities and the glut of risk that comes with them. Like any healthy regimen, good vulnerability management (VM) takes commitment, and strategic time management. This includes investing in the right equipment, doing the right exercises, and following regimens for regular or ongoing vulnerability assessments. And, it means working smarter and correlating threat intelligence with known vulnerabilities to improve prioritization and speed patching efforts.
Resolving patching and vulnerability practices long-term will take innovation as well as discipline as we adjust for fast-changing cloud and WFH models. Lift-and-shift alone won’t work, but high-priority patches still need to be identified and applied in a clear, timely, and predictable way. This will take some planning.
#4 Curb, or at least control your spending.
Cybersecurity budgets may be better insulated against budget cuts (or at least delays) that will hit other aspects of business in 2021. Even if budget increases, the quest to find and keep critical skills, add new solutions, and secure companies through the acceleration of digital transformation won’t come cheap.
Consider functional sourcing of SOC (and some NOC) initiatives along with optimized use of automation and machine learning (ML) to improve ROI, speed payback, and bridge skills gaps.
If that sounds like a string of “chicken soup for the CISO” platitudes, consider the fact that running a 24/7 SOC averages nearly $3M per year and analyst salaries that averaged $100K in 2021 should see at least a 20 percent increase in 2021—if you can find enough experts to staff facilities in the first place. Functional sourcing can save you money while fast-tracking results and accountability.
#5 Go back to school.
Or at least, expand your knowledge base. Learn and implement better analytics, and above all, apply what you learn. We all get reports and subscribe to intelligence feeds that go unread, or unused because no one has time to act on all the info.
Data doesn’t become knowledge until someone puts it into practice, so choosing the right sources drives greater value. Check out Knowledge NOW (KNOW), Netenrich’s free global threat intelligence to see how much time you can save going from “what happened” to “what to do about it.” (Did we mention it’s free?)
#6 Get more insurance.
Cyber-insurance is a growing staple of the cybersec budget. As it becomes the norm, the next step in the journey will be finding new ways to lower premiums. Consider this as you evaluate security rating services, attack surface intelligence, and other new habits that help demonstrate the health of your overall cybersecurity posture—and lower your risk.
If you already have some form of cyber insurance, make sure you dig deep on the policy requirements. Many businesses are surprised when claims get rejected because simple controls have not been implemented or maintained. Make sure you have the right coverage and processes in place to be able to collect when and if you need to (and ensure that you don’t).
#7 Stop procrastinating.
Take a deeper look at things that routinely end up on the back burner. Everyone organization has its own set. You might be considering implementing or optimizing the value you get from a SIEM. Or adding ongoing ASM, patching high-risk vulnerabilities, conducting war-room exercises, etc.
What about your team? Have analysts been asking for training on new subjects? People are your most critical assets so procrastination there can cost more than just money.
Take a look at your supply chain. Sure, it’s a hot topic right now but it’s also been part of some governance frameworks from the start, and there’s a reason for that. Assessing supply chain and third-party risk is not an easy task—which is why it gets procrastinated—but there’s a huge chunk of risk here that merits some quality time sooner rather than later.
#8 Quit gambling.
Maybe the only risk you take with your hard-earned money is to join a Super Bowl pool once in a while. So why gamble with your brand?
That’s exactly what you could be doing if your company has yet to get proactive about adopting some form of breach and attack simulation (BAS), cyberwarrior training, cloud visibility (beyond the logs and reports you get from providers), ASM, Dark Web monitoring, and other new capabilities. Most of these things can be obtained or supplemented cost-effectively through SaaS-based solutions and MSSPs for fast, centralized use by your team.
Intelligent SOC: Resolution Intelligence For SecurityGET STARTED
#9 Be a leader.
Here as everywhere, being a great leader means keeping your team motivated, healthy, productive, and fulfilled. It means leveling silos that undermine productivity, even if you have to ruffle a few feathers to get it done. Leading means making tough decisions, maybe even tearing up the old playbooks and bringing in new equipment, new talent and coaches, and adopting a new approach.
Last but not least, being a true leader means having the nerve, and the data, to face critics after a tough loss, with a plan to do better next time.
#10 Get help, and choose your friends wisely.
We all have issues and, all things being equal, we prefer to work them out privately, discreetly, and amongst ourselves. But refusing to get help or turn over some controls when you need to paves the way for million-dollar front-page breaches, lawsuits, fines, damage control, you get the idea.
To improve your cybersecurity posture, the very act of defining what help you need can be overwhelming, and there’s no shortage of point solutions, providers, portals and professional services to choose from. Automation continues to evolve to bring us better, faster identification and validation of issues, diagnostics, prioritization, and ultimately, resolution—but machines only get you so far.
Human expertise, insight and experience still make or break good defenses. As you engage partners and providers, consider their experience—and the quality of experience they provide to customers—as well as chemistry, responsiveness, and trust between teams. Make sure partners understand your pressing issues and have helped other CISOs resolve these same challenges.
Choose outcome-driven approaches that let you buy what you need when you need it, without paying for some slick-sounding features you couldn’t care less about. Last but not least, define metrics for accountability and results you can take to the bank (or at least the board).
Resolve to resolve Ops first
New Year’s Resolutions are about getting things done, and making real changes, once and for all. Netenrich Resolution Intelligence is about doing digital ops right, once and for all, and day in, day out.
Resolution Intelligence starts with outcomes and scales dynamically to match your Ops challenges. Resolution goes beyond solving today’s problems better and faster to address the core issues that create problems once and for all.
Act now to get back to basics and jumpstart 2021 with smarter, faster, more transformative digital operations.
And of course, stay safe!
Subscribe To Our Newsletter!
The best source of information for Security, Networks, Cloud, and ITOps best practices. Join us.
Thank you for subscribing!