Quick Take-Aways From the RSA Security Conference

Like many others, I’m still recovering from last week’s marathon at the RSA Security Conference in San Francisco. Here’s a shotgun list of my impressions of the show:

 

Topics: Cybersecurity risk management RSA Security Conference SOAPA

What’s on CISO's Minds in 2018?

I’ve just begun a research project on CISO priorities in 2018. What I’m finding so far is that CISOs are increasing their focus in several areas including the following:

  1. Business risk. Yes, CISOs have always been employed to protect critical business assets but in the past, this was really executed with a bottom-up perspective – from IT and security infrastructure up to business processes. Fast forward to 2018 and CISOs are moving to a top down view from business processes down to the technology. This broadens their view of risk and mandates that security controls work collectively to protect ALL the technologies used to accomplish business processes. This is a profound change that challenges even the best CISOs and security organizations.
Topics: Cybersecurity risk management data security CISO identity management security awareness training

Cybersecurity Past to Predict the Future

As part of the recently published research report from ESG and the information systems security association (ISSA) titled, The Life and Times of Cybersecurity Professionals, 343 infosec pros were asked to identify the cybersecurity actions their organizations have taken over the past few years. This list serves as a good foundation for what we can expect in 2018. 

The top responses were as follows:

Topics: Cybersecurity risk management NIST ISSA

Enterprise Objectives for Threat Intelligence Programs

It wouldn’t be a stretch to call 2015 the year of threat intelligence. In February, President Obama signed an executive order at a cybersecurity event held at Stanford University that encourages and promotes threat intelligence sharing between the private sector and federal government. Meanwhile, the US Congress has introduced several threat sharing bills of their own. And at the annual RSA Security Conference in April, threat intelligence was clearly one of the primary topics of discussion among cybersecurity professionals, technology vendors, and government representatives.

Topics: risk management threat intelligence sharing

Note to Executives, Legislators, and Consumers: Time For a Serious Dialogue About Cybersecurity

Like everyone else in the cybersecurity domain, I’ve been pretty busy the past week or so. First there was the UPS store breach, which was small change compared to the nefarious cybersecurity situation at JP Morgan Chase. The condition became a bit more whimsical when photos of naked celebrities floated around the web but quickly became serious again with the breach at Home Depot, which may trump the Target breach when all is said and done.

Here is a terse synopsis of what’s going on: We’ve gotten really good at rapidly developing and implementing new applications on new technologies. We can even do so at scale (with the exception of healthcare.gov, but that’s another story). Yup, we want immediate gratification from our technology toys but we really don’t have the right people, skills, processes, or oversight to actually protect them.

Topics: Cybersecurity Information and Risk Management Security and Privacy risk management

Big Data Security Analytics Can Become the Nexus of Information Security Integration

In a recent ESG research survey, security professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked the following question: How do you believe that your organization will change its security technology strategy decisions in any of the following ways over the next 24 months in order to improve its security management? In response:

Topics: Information and Risk Management Data Management Security and Privacy risk management incident detection and response big data security analytics enterprise security

Enterprises Need Outside-In Continuous Monitoring for Risk Management

Ask any CISO what their job entails and they are likely to respond with a common mantra: Assess IT risk, communicate IT risk to business executives, and then create and execute a mutually agreed upon plan to address risk.

Topics: IBM Cloud Computing Cybersecurity Information and Risk Management Security and Privacy Security risk management DHS Booz Allen Hamilton Lockheed Martin RiskIQ BitSight Target CSC CDM cyber supply chain security Public Cloud Service

The New Cybersecurity Technology Reality - the Whole Is Greater than the Sum of its Parts

I wrote a blog last week about new integrated anti-malware technology in response to Palo Alto Network’s acquisition of Cyvera. In fact, this integrated technology model isn’t limited to anti-malware but is becoming the new reality across the cybersecurity lifecycle of risk management, incident prevention, incident detection, and incident response.

I’m convinced that this is where the market is headed, driven by burgeoning cybersecurity requirements across organizations large and small. Why do I believe this? Well, in a recent ESG research survey, 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked how their organization’s security strategy would change over the next 24 months. A little under half (44%) of respondents said that their organization would “design and build a more integrated enterprise security architecture,” the highest percentage of all responses. This trend is actually reverberating on the supply side as Blue Coat, Cisco/Sourcefire, FireEye, IBM, McAfee, PAN, and Trend Micro are all engaged in R&D and M&A activities to meet the need for technology integration.

Topics: IBM Palo Alto Networks Fortinet Cisco Information and Risk Management FireEye McAfee Security and Privacy Security risk management endpoint security Proofpoint incident detection incident response Blue Coat RSA Security Anti-malware incident prevention APT

Enterprise CISO Challenges In 2014

I’m sure lots of CISOs spent this week meeting with their teams, reviewing their 2013 performance, and solidifying plans for 2014. Good idea from my perspective. The CISOs I’ve spoken with recently know exactly what they have to do but aren’t nearly as certain about how to do it.

At a high level, here’s what I’m hearing around CISO goals and the associated challenges ahead this year:

  1. Improve risk management. This translates into threat/vulnerability measurement, threat prevention, and ongoing communication with the business mucky mucks. The problem here is that their networks are constantly changing, scans are done on a scheduled rather than real-time basis, and the threat landscape is dangerous, sophisticated, and mysterious.
Topics: IBM Palo Alto Networks Cisco Information and Risk Management FireEye HP Security and Privacy Security risk management Centrify Malwarebytes LogRhythm bromium 21CT Leidos RSA Invincea Accenture ISC8 Blue Coat CloudPassage click security Bit9 CSC Hexis HyTrust

Why Blue Coat Acquired Solera Networks

A few weeks ago, Blue Coat Systems acquired Solera Networks. No one was surprised about the acquisition of Solera as it plays in the white hot big data security analytics market. That said, many people remain perplexed by the acquiring company. Several dozen reporters, vendors, and end-users have already posed a common question to me: Why Blue Coat?

Topics: Information and Risk Management Security and Privacy risk management incident detection