In this interesting fireside chat, in collaboration with FireCompass, two industry experts, Brad La Porte (ex-Gartner analyst) and Bikash Barai (co-founder, FireCompass), bring you insights into the ever-evolving landscape of cybersecurity. They discuss the current state of security validation and share their thoughts on achieving a continuous security approach.
Part 1 Recap
In this discussion, we'll explore how cybercrime has become an underground economy, the importance of continuous security validation, and what it means for the ever-changing threat landscape.
Fireside Chat (Recorded)
Part 2 of a 3 Part Conversation:
Where Does Security Validation Stand Now?
As technology continues to advance, so do the tactics of cybercriminals. Brad La Porte, a seasoned cybersecurity professional, has observed a wide range of companies, from small and medium-sized enterprises to large corporations. The burning question on everyone's mind is, "How frequent is security validation, and are we truly on the path to continuous security?" Brad's response is a reality check: "Not close enough."
Brad explains that organizations today fall into five levels of security maturity, ranging from zero to five. True continuous security testing is typically found in the upper echelons (level five) and is commonly seen in financially robust sectors like finance and healthcare. However, the encouraging news is that the trend is shifting downstream. More organizations, especially in the lower maturity levels, are recognizing the importance of continuous security validation. Managed detection and response, along with managed security service providers, are integrating these testing methods, even automating a significant portion of the process, making it feasible for round-the-clock security.
In this ever-evolving landscape, organizations are also exploring innovative solutions, such as automated red teaming, attack surface management, and breach attack emulation. These tools allow organizations to bring their own malware and test for zero-day vulnerabilities, an essential step as zero-day attacks become more prevalent.
The majority of organizations still find themselves in the lower maturity levels, between zero and three. Some have barely scratched the surface of vulnerability management, often dealing with legacy systems. The good news is that help is readily available. Many organizations are adopting a hybrid approach, leveraging professional services and aligning their people, processes, and technology to improve their security posture. As security tools and solutions become more accessible, adoption continues to rise. However, evaluating the myriad of solutions remains a challenge in itself.
Exploring the Tools: ASM, CART, and BAS
Brad highlights three key tools for continuous security validation and testing: Attack Surface Management (ASM), Continuous Automated Red Team (CART), and Breach Attack Simulation (BAS). These tools offer a spectrum of breadth and depth in assessing an organization's security posture.
Attack Surface Management (ASM): This tool provides a broader perspective on your security posture, helping you identify weak points in your organization's defenses. It's like securing your home by locking all the doors and windows, ensuring there are no vulnerabilities for attackers to exploit.
Continuous Automated Red Team (CART): Going deeper into the security landscape, CART focuses on specific use cases, identifying vulnerabilities, and evaluating an organization's susceptibility to various threats. What sets it apart is its continuous and automated approach, making it an ideal choice for 24/7 security.
Breach Attack Simulation (BAS): BAS is all about emulating real-world attacks. It allows organizations to simulate advanced persistent threat groups, implement zero-day attacks, and train their workforce to combat these threats effectively. It's like conducting fire drills in your organization to prepare for potential breaches.
Building a Continuous Security Validation Program
For organizations looking to establish a continuous security validation program, Brad and Bikash recommend a structured approach. It starts with the right mindset. Security validation isn't a one-time event but an ongoing process that should encompass every facet of your organization.
Crawl, Walk, Run: Begin with small steps, assess your current security posture, and identify weak points. Avoid the common pitfall of attempting to do everything at once.
Focus on Reduction of Attack Surface: One of the most effective strategies is reducing the attack surface. Implementing multi-factor authentication and investing in security awareness training can significantly enhance your security posture.
Continuous Training and Drills: Treat security readiness as a culture. Regularly simulate security incidents, conduct tabletop exercises, and engage your employees in recognizing and responding to threats.
Join the conversation on continuous security validation and become part of the thriving cybersecurity community at CISO Platform. Stay informed, stay secure.