Security leaders today are constantly held accountable to solve unprecedented issues for their enterprises. As cyber threats and cybersecurity capabilities continue to advance, businesses have discovered five challenges and concerns that stay consistent among CISOs and CIOs as they evaluate the best cybersecurity solutions to invest in:
- Companies can’t secure what they can’t see.
While IT executives would like to assume they have complete knowledge of their enterprise technology assets, it’s hard to identify these quantities with absolute certainty. For example, multiple tools running in the same IT environment may produce conflicting information about the correct number, type, owner, management, and security state of technology assets within an organization’s estate. The most astute CISOs recognize the visibility gaps that exist within their enterprise and look for ways to automate addressing this gap and its impact on audit, compliance, and attack surface mitigation.
- The need to focus on the basics.
Executives have external and internal pressure to buy the next new and compelling cybersecurity tool that contains attractive functions to prevent a detrimental cybersecurity attack. However, CISOs and CIOs understand that they really need to focus on the basics of required processes and resources essential to realize results from acquired cybersecurity defenses. Fundamental security processes, such as closing visibility gaps, timely patching and updates, and streamlining compliance procedures, are pragmatic ways to protect highly valuable assets within a company’s IT estate. When speaking with IT executives, many of them almost always mention that they are looking to acquire increased visibility and intelligence to support the fundamentals of cybersecurity.
- Product replacement challenges.
Most executives don’t take lightly the daunting task of ripping and replacing current technologies with new ones. The hundreds of hours of training and user experience that goes into learning and implementing technologies makes it difficult to decide to take a chance on a new cybersecurity tool, especially when there’s no guarantee they will outperform the previous tool used. It takes a thorough assessment of risk and capabilities for CISOs and CIOs to feel compelled to go through this replacement exercise. Companies must take the time to do a needs analysis, align it to security posture and acceptable risk, as well as consider expected time to value.
- Difficulties building trust with the staff.
Because of the busy nature of the job, CISOs and CIOs may not have the bandwidth to explore each new cybersecurity product on the market to defend their environment and data. They are also tasked with the tremendous amount of pressure of having to support delivering business value to their organization while reducing security and compliance exposures. Therefore, work with peers and other trusted advisors to help make well-informed decisions that will invoke best practices, close gaps, and also identify cybersecurity solutions that best align to their company’s needs.
- Bridging the gap between teams and tools.
Many teams play an important role to ensure IT service delivery and security within an enterprise organization. Unfortunately, the consequence of having different departments working autonomously and at odds from an objective and key results (OKR) perspective often makes it nearly impossible to quickly detect and respond to anomalies, threats, and issues. For example, if a security team discovers a vulnerability, they need to coordinate with the IT team to remediate it. However, in many instances the IT team’s tool may offer different details than what’s necessary for security to resolve the threat – even down to where the system is located and who owns it. The teams may also have different definitions of an asset or track against different primary keys. For example, the security team may work off an IP or MAC address while the IT team works against asset tags. The back-and-forth that takes place between different teams stalls the remediation process, sometimes increasing time for the threat to propagate. CISOs and CIOs would like to build a better bridge across the gaps between teams and tools.
CISOs and CIOs need technological capabilities, such as enterprise technology management (ETM) tools, that give IT and security teams the advantage of unified visibility, timely lifecycle and security state, and automation to carry out processes across IT departments and resources. It’s necessary to preserve the integrity of infrastructure and access to sensitive information. These teams also must seek to derive a greater amount of value from the tools they already possess, while also bridging the gap between the tools that are deployed and the various operating scenarios they must perform across different departments that may use these tools.
If executives and their staffs improve visibility into their company's technology in a way that leverages their existing tool portfolio, they will find it easier and faster for them to make informed decisions regarding which cybersecurity preventative and response measures will work for their company. This will help improve an organization’s security posture while providing IT leadership a way to respond more proactively to business needs.
Jon Davis, chief information security officer, Oomnitza