Network breaches are making the jobs of CIOs and CISOs harder than ever. Intelligent CIO asked Paul Potgieter, Managing Director – UAE, Dimension Data, how they can be avoided.
The biggest nightmare for a CIO or a CISO is to get breached on their watch. Notwithstanding the scale of the breach, any unauthorised intrusion has repercussions both for the organisation, due to compliance and audit regulations, as well as for the CISO being accountable to the board. Heads of security continue to be challenged in today’s depressed market conditions and face reduced IT budgets and more often unresponsive boards.
Some of the biggest data record breaches include Yahoo, 3 billion in August 2013; Equifax, 145.5 million in July 2017; eBay, 145 million in May 2014; Target, 110 million in December 2013; JP Morgan & Chase, 83 million in July 2014; Uber, 57 million in November 2017. A point to be made here is that individual end-users are seldom the focus of the intrusion – it is mostly always the organisation’s data or assets.
Other than breaches, the next biggest nightmare for heads of security is ransomware driven by sophisticated phishing attacks. Ransomware can paralyse business operations and create havoc internally, although this may be for a limited duration of time, till either the ransom is released or the malware is remediated and data restored.
Ageing IT infrastructure and the inability to maintain compute speed and agility to support many of the latest deep learning tools, cloud-based threat intelligence and analytics, are keeping heads of security on the wrong foot. This will also reduce their standing internally with their peers of business and with the board.
The way forward for heads of security is to actively work on a three-pronged strategy. The first is to constantly evaluate new solutions and services with the purpose of improving interoperability, build more self-driven solutions to reduce false positives, reduce clutter and vendor lock-in, reduce weaknesses due to lack of internal skills and finally be able to manage better with fewer investments.
The second strategy is to build an internal programme of cybersecurity awareness for employees to avoid time spent on remediation due to lack of basic network and security awareness. This will also help to identify the rogue insider threat.
The third strategy is to work on improving communication with the board so that they can appreciate the benefits of on-going investments and efforts to secure the organisation. This will also help, over a period of time, to get the board to appreciate the costs of not plugging the security gaps as they stand and become more proactive in supporting the head of security in their day to day activities.
Using this three-pronged strategy, heads of security need to look at their situations as an innovative opportunity to improve their professional standing within their organisations as well as with their board.