Top 3 Challenges Affecting CISOs and CIOs cybersecurity confidence

Tuesday, 12 July 2022 10:14

By Debashish Jyotiprakash

Debashish Jyotiprakash, Managing Director, Asia Pacific & Japan, Qualys

GUEST OPINION by Debashish Jyotiprakash, APJ managing director, Qualys: In the last couple of years, we have witnessed a rapidly growing number of cyberattacks that has left organisations exposed to threats as they struggle to keep pace with and balance the growing need to transform and innovate, and match it with the cybersecurity investments required to properly assess the risks to their critical business processes, putting even more pressure on cybersecurity teams, which are often already understaffed.

Even though most organisations pay a lot of attention to cybersecurity and have invested heavily in security solutions, CISOs and CIOs often discuss they don’t feel confident that they have the right capabilities in place to protect confidential and privacy-sensitive data.

According to a recent report, Australian CISOs felt least prepared and more at risk of cyber-attacks compared to global counterparts, with these three major challenges adding to their organisation’s vulnerabilities – lack of holistic visibility, a false sense of security and inadequate automation.

1. Lack of holistic visibility

One of the key challenges adding to the complexity of having an effective cyber-resilient strategy in place is not a lack of security solutions, rather many organisations using over ten security solutions - usually stand-alone tools with fragmented information - that they often deploy to limited subsets of their assets.

The larger the company, the more such silos exist. That leaves many assets out of view, and leads to a lack of context on its information and a lack of clarity about how all these assets connect among themselves and to the network environment. The value of data collected from these assets and its risk assessment of the organisation is effectively lost. That is not acceptable when vulnerabilities require an immediate response.

For CISOs and CIOs, the first order of business is to map out exactly what is in-house and their ‘fundamentals’. It is imperative to make an inventory of all known and unknown assets, and to keep this dataset up to date, in a configuration management database (CMDB). That means properly itemising all assets, identifying those most important for the organisation and the business processes to ensure the highest protection levels are applied. Having this system in place would then allow for better management and response to cyber-incidents.

2. A false sense of security

Virtually all companies use a wide range of security solutions such as Endpoint Detection and Response (EDR) systems, antivirus solutions, firewalls, and so on. However, forensic research at companies that fell victim to hacks and cybercrime shows that these attacks often breached an asset that was falsely believed to be protected by a security solution. However, that solution turned out not to be enabled on the device at all.

Forensic research further shows that patches for vulnerabilities that have long been exposed are often missing. This provides cybercriminals with yet another point of entry. A thorough map of available patches and a trustworthy process to implement them significantly reduce the risk of intrusion.

Furthermore, after a vulnerability is fixed, often the system requires a reboot or a modification to a registry key before the patch is fully completed, although many organisations lack the control checks to ensure these steps are actually taken. While users believe the vulnerability to be fixed, it remains present.

Alert fatigue is another factor that has also contributed to a false sense of security as, although the solutions are in place, systems generate so many security alerts that employees become insensitive to them. As a result, they ignore these alerts or fail to respond to them adequately.

Finally, the trend of outsourcing cybersecurity to managed security service providers (MSSPs) is also adding to a not-so-bullet-proof security system as most MSSPs only work on subsets or silos as well. Many organisations employ the services of multiple MSSPs, engaging one party for servers, another for workstations, and yet another for cybersecurity. CISOs and CIOs must always have oversight of the entire environment. That calls for a so-called 'hybrid MSSP' outsourcing model: the MSSP services all or part of the environment while CISOs and CIOs retain control.

3. Insufficient automation

With a holistic understanding and well-founded confidence in security, organisations have all they need to protect assets from the risks of vulnerabilities. However, to best realise this, CISOs and CIOs must be able to correlate and understand their data. To do this, the context of the information is essential.

The more CISOs and CIOs can automate the processes to obtain this context, the better they can prioritise the remediation of assets and the easier it is to see whether or not they should act on alerts.

In addition, where compliance audits are concerned, it is vital that the reporting process is quick and efficient. Audits are often a very costly, time-consuming, and cumbersome exercise for any organisation. Therefore, auditors must have all the data and insight as soon as they require it. Collecting data from different point solutions or silos is complex and prone to errors. Moreover, if findings are not delivered promptly, auditors may shut down an organisation's operations. Automation can therefore be crucial for business continuity.

Conclusion

As the hacker community seems to retain the advantage and is becoming more and more sophisticated, CISOs and CIOs need to strengthen their organisation’s defences by levelling up and deploying a cyber-resilient strategy that ensures their security solutions are integrated and applied across critical assets, ensuring ongoing reviews and oversight of all the operations’ processes has taken place to effectively manage and respond to cyber-threats.

Read 359 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

Top 3 Challenges Affecting CISOs and CIOs cybersecurity confidence