Navigating the complex landscape of cybersecurity can often seem daunting, especially for organizations grappling with the evolving nature of threats and the intricate interplay of technology and human behavior. However, amidst the complexity, there lies a simple yet powerful approach—one that focuses on practicality, collaboration, and understanding the fundamentals. By breaking down cybersecurity into manageable components and fostering a culture of awareness and preparedness, organizations can better equip themselves to address security challenges effectively.
Here is the verbatim discussion:
yep so what what we do uh you know exactly what I'm talking about right we we we had been um doing this for a few of these companies getting the CEO the COO the legal guys the marketing guys the operations guys and everybody together in a room and then discuss like let's imagine this breach has happened now what do we do the moment you do that now the operations guy see is my goodness there will be so many calls which is going to come to my call center thisy doesn't even have a script on how to respond to and I don't know how to handle this so there are couple of things that happens one is like you get more ready to face something like that A playbook emerges all those things but along with that these guys kind of envisage or visualize or feel the kind of pain they'll go through if a bad security incident happens and they realize okay I mean it looks knowing the risk the threats etc etc or and then protect but also building a great way to detect um which people are doing right now I mean I guess most of the organizations are building this sock and then doing the response and Recovery there's a much better awareness today in the kind of industry in terms of building the response and recovery so if people build the right kind of hygiene as you have mentioned if if organizations get these Basics right like knowing the asset inventory knowing where the data is how the data flows have basic hygiene and what you mentioned about two Factor authentication right that's that's very very important have the basic kind of security practices in place I'm not talking about all the text Etc and then having a basic mechanism to detect attacks and then respond and recover from it so a lot of times um cyber security is made to look very complex I I love nist CSF very much because n CSF for the first time came up and spoke about cyber security a language which business can understand that you need to identify your assets and threats and risks you need to protect and you need to detect attacks and you need to respond and recover from a breach right I mean it sounds very very simple now when you look at ISO or PCI they talk about W and d and this and that control it's not really very uh friendly from the perspective of management and other stakeholders so I'm a big fan of n CSF in terms of building an architecture a as am I I actually wrote a white paper years before that came out um talking about defense in- depth and a continual process and I broke it down into four things prediction prevention detection and response and it's circular continues to feed in yes and you know and and Gartner picked that up they they published some things a few years ago on on that white paper but nist and and I've worked with nist for many years on many different projects uh they move very similar it's it's they're one or two off right because they they go to identify they don't talk predict but yeah it's it's really from a continual management perspective you do need those four things right you need a prediction capability you need that prevention capability and those two give your highest Roi by the way but you you know you will never be perfect things will always get through or you will choose to allow vulnerabilities to exist Black Swan events so on and so forth because it's too expensive to protect against that's fine um so you need that detection and response capability and those to have exactly yeah a lot of people have that kind of perception and lot of people are not even aware of this problem that I need to know where data is and how data flows because like security uh guys are working in silos and they have no idea that the marketing team how they work on the data do they have an analytics team do they have an analytics partner how does the data go to the analytics partner what is the analytics partner doing Etc so I have seen like just this inventory problem the data uh where does the data reside and how does the data flow that itself is a major issue of course there is third party fourth party all those things are there oh yeah and and then and and there's another dimension it's not only where the data is but if you start looking at it as a life cycle how does data get created is it created in a secure way is it classified and and marked so we know how sensitive it is you know how does it get distributed and how does it die and that's when when I sit and I talk with it folks or or organizations you know HR whatever you know I'll ask all right.
Highlights:
Scenario-Based Preparedness Workshops: Bringing together key stakeholders, including executives, legal, marketing, and operations teams, for scenario-based preparedness workshops can be transformative. By simulating potential breach scenarios, organizations not only develop actionable playbooks but also gain a deeper appreciation for the operational and reputational impact of security incidents.
Emphasis on Basic Hygiene: Establishing fundamental security practices, such as asset inventory management, data flow analysis, and two-factor authentication, forms the cornerstone of a robust security posture. These basic hygiene measures provide a strong foundation for security resilience and help mitigate common attack vectors.
Adoption of NIST Cybersecurity Framework (CSF): The NIST CSF offers a pragmatic and accessible framework for organizations to identify, protect, detect, respond, and recover from cybersecurity threats. By aligning with this framework, organizations can streamline their security efforts and communicate effectively with stakeholders, transcending the complexities of traditional compliance-centric approaches.
Lifecycle Approach to Data Security: Viewing data security as a lifecycle—from creation to distribution to disposal—allows organizations to gain a holistic understanding of their data assets. By ensuring secure data practices throughout the lifecycle, including classification, encryption, and secure distribution channels, organizations can minimize data-related risks and enhance regulatory compliance.
Integration of Prediction, Prevention, Detection, and Response: Adopting a holistic approach that encompasses prediction, prevention, detection, and response is essential for effective risk management. While prevention measures offer significant ROI, detection and response capabilities are critical for mitigating evolving threats and minimizing the impact of security incidents.
Collaboration Across Silos: Breaking down silos and fostering collaboration between security teams and other departments, such as marketing, HR, and IT, is paramount. Understanding how data is created, accessed, and utilized across various functions enables organizations to implement targeted security measures and address potential vulnerabilities proactively.
In the ever-changing landscape of cybersecurity, simplicity and practicality are key. By focusing on scenario-based preparedness, basic hygiene practices, adoption of frameworks like the NIST CSF, lifecycle approach to data security, and holistic integration of security functions, organizations can enhance their security resilience and readiness. Moreover, fostering collaboration across silos and promoting a culture of awareness and accountability ensures that cybersecurity becomes ingrained into the fabric of the organization. Ultimately, by simplifying cybersecurity and embracing practical approaches, organizations can navigate the complexities of the digital age with confidence and resilience.
Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to
the cloud.
https://twitter.com/bikashbarai1
https://www.linkedin.com/in/bikashbarai/
Matthew Rosenquist is a seasoned cybersecurity strategist and Chief Information Security Officer (CISO) with over three decades of experience. With a remarkable career at Intel Corporation spanning 24 years, he spearheaded key security initiatives, including establishing Intel's first Security Operations Center and leading cyber crisis response teams. As an influential figure in the industry, he currently serves as the CISO for Eclipz and advises numerous organizations worldwide on cybersecurity, emerging threats, privacy, and regulatory compliance. With a unique ability to bridge technical expertise with business acumen, Matthew is renowned for developing effective security strategies and enabling organizations to navigate complex cyber risks while optimizing security, privacy, and governance.
https://www.linkedin.com/in/matthewrosenquist
https://twitter.com/Matt_Rosenquist
Comments