A lack of understanding of security issues in the workplace and misplaced confidence in organisational cybersecurity readiness are adding to pressure on CISOs during challenging times, according to a new report produced by BT Security. The global study of more than 7,000 business executives, employees and consumers found that 76% of executives understand their company’s IT strategy to defense against cyber threat protection but 85% blammed CISOs after cybersecurity incidents for not communicating effectively.
<p>The findings from BT\’s research project are both exciting and sobering. For the 16 percent of executives surveyed that say they haven\’t been breached, or at least suffered some type of security incident in the past two years, they are either lying or don\’t have the security tools and services in place to better scan their environment for trouble spots. In other words, they can\’t see the adversaries and they are standing right in front of them. Coming on the heels of revelations from the Solar Winds supply chain hack in December, an intricate and targeted attack dating back to more than a year ago and impacting tens of thousands of companies around the world, BT\’s findings are hopefully a wake-up call to board rooms around the world.</p> <p> </p> <p>The expanding digital footprint for companies of all sizes leaves them vulnerable to security incidents, sometimes of material nature, making the job of CISO\’s that much more important. Security excellence is hard to achieve, but there are organisations across the public and private sector doing a wonderful job today staying ahead of potential hot spots in their networks.</p> <p> </p> <p>My advice for all CISOs and executives is to adopt an operation-centric approach to cybersecurity, instead of having security teams chasing countless alerts that oftentimes lead you down a never ending rabbit hole. Many traditional security products are hopelessly alert-centric and generate volumes upon volumes of information that appear seemingly unconnected, lack context, and take too much time to investigate to understand how they are related, even when they are part of the same attack. From a defender’s point of view, we can never win daily battles by spending time chasing uncorrelated alerts.</p> <p> </p> <p>We must quickly identify, and respond to malicious operations with surgical precision, finding a path forward by future-proofing tomorrow’s enterprise. We need to detect earlier and remediate faster; to think, adapt, and act more swiftly than attackers can adjust their tactics; and to have the confidence as defenders that we can always identify, intercept and eliminate emerging threats in a matter of minutes rather than days or weeks.</p>