It's an ongoing challenge for the security world to be able to continuously test security controls in the network and prioritize remediation according to business impact. We'll learn the best practices, practical approach, empowering teams and security validation techniques.
Brad LaPorte has been on the frontlines fighting cyber criminals and advising top CEOs, CISOs, CIOs, CxOs and other thought leaders on how to be as efficient and effective as possible. This was conducted in various advisory roles at the highest levels of top intelligence agencies, as a Senior Product Leader at both Dell and IBM, at multiple startups, and as a top Gartner Analyst.
Bikash Barai is the Co-Founder of FireCompass, an AI assistant for IT security decision makers. Earlier he founded iViZ an IDG Ventures backed company which was later acquired by Cigital. He is also an early advisor at CISO Platform
Fireside Chat (Recorded)
1.Perspective on evolution. Why is continuous security validation important. What is it all about ?
Traditionally we would go through logs and try to figure out wha went wrong. That was very time consuming.
Now, things have changed with great tools, automation, cloud. Downside is the same tools can be leveraged by Criminals too. Slowly the dark market of cyber crimes has also grown as an economy on its own. Attackers are looking for a small window of opportunity and that’s where continuous security validation comes in.
2.Industry maturation. Tool kit for defenders
Understand that there will be breaches. There is no breach proof. Eventually organisations will end up in a series of data breach..trends of future.
Tool Kit for defenders - ASM / ESM, CART, DAST
It helps in understanding what’s going on with the devices in the environment, what’s vulnerable. It helps in not being in the blind. Then you can identify the areas that need action and work
Breach simulations and reduction of attack surface tools help. Security awareness and training is crucial since it’s a mindset and every person can be targeted. So it is important to educate. Fundamentals are still - People. Process. Technology
3.What’s a good strategy for small and medium companies ?
Small and medium size companies who may not have access to latest and innovative tools. They need to be honest as whether they need it and understand their environment. Focus on the necessary areas instead of going by best practices. Basics like Multi-factor authentication, strict password rules, monitoring security, red blue team practices and more. Use open-source eg. Crawling. Select tools with multiple specialities like Swiss Army knife.
As you grow your business, then start investing in more advanced products based on the needs evolving
4.What are some of the common success and failure factors when you come to implementing continuous security validation ?
This is highly dependent on Nature of business, culture, financial goal, security goal. Setup the key metrics based on your goals
Measuring is key. Adding loads of tools isn’t helpful either. It’s like adding hay, harder to find the needle (attack).