Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized...

ITBriefcase.net Membership!

ITBriefcase.net Membership!

Tweet Register as an ITBriefcase.net member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

IT Briefcase Exclusive Interview: 10 IT Security Questions Every CISO Should Be Ready to Answer

April 4, 2016 No Comments

From the rise of connectivity and the prevalence of advanced threats, security has become an integral part of business planning and strategy across an organization – i.e., the boardroom is paying attention. While the CISO role has gained influence in the upper echelons of management, it also will be under increasing scrutiny from fellow executives. That’s why CISOs should have the answers to – and the tools to answer – these 10 questions in terms the board can understand.

  • Q. What is your vision for protecting our most critical assets and data?

A. As a C-level executive, you can’t just have a solution – you need a vision. Be able to show a long term strategy for your objectives, whether it’s building a mature, defined security program or deploying systems for faster response. Most important to the board: show how you are going to measure the organization’s progress toward those objectives.

  • Q. What does this company’s attack surface look like?

A. As an organization’s attack surface grows, sprawling networks and the rising tide of threats make it difficult to understand what’s at stake. Having the tools and processes in place to enable better communication of the state of your corporate network and its interrelationships is fundamental to relaying security status. Literal attack surface visualizations will also show at a high level the “knowns and unknowns” of your network. These tools are particularly important for enabling communication to department heads and the board.

  • Q. What impact are your security efforts having?

A. Once the board has a basic understanding the attack surface, they need to know if security programs are effectively reducing it. Systems must be in place to track tasks like vulnerability remediation, firewall change implementation, network segmentation and the impact of security controls to ensure what’s said should be done is done as intended. Regular reporting also helps give insight to longer trends, support intelligent investment decisions and set goals for strategic initiatives.

  • Q. What methods are you using to prioritize risk and response?

A. If your security program is not having the effect you want, it might be due to a lack of prioritization. Mature programs need to look beyond baseline criticality ratings, combining contextual intelligence from the network and vulnerability and threat sources to infer what the biggest threats are. This will focus response where it matters most. Solutions that help tailor response based on available resources will also increase operational efficiency.

  • Q. Where are we wasting resources?

A. As any fellow CISO will tell you, resources and budget are hard to come by for infosecurity initiatives; that makes it vitally important to know which security initiatives reduce risk and which ones don’t. Time savings can have a huge impact on security ROI, so look for the major time sinks for your security team, and find ways to automate operational tasks.

  • Q. How are we demonstrating compliance?

A. Yes, reporting and preparing for compliance audits can drain resources, but these activities can’t be neglected. The consequences of not being able to demonstrate compliance with industry regulations like PCI are serious, from monetary to business-ceasing — and that will certainly get the board’s attention. Instead of giving compliance a backseat, look for tools that help make the process more efficient and easier for your team.

  • Q. Are we getting the most out of our existing investments?

A. Security “point” solutions are rampant in cybersecurity; every one promises the next silver bullet. But too often, a new solution means a new data silo, adding to the difficulties in patching together security information sources. Security management solutions that combine data from multiple sources help security teams understand the big picture, and make the most of devices and controls already in their arsenal.

  • Q. How fast can you respond to a major cyberattack?

A. Rather than simply answering to the speed of response, it likely more useful to educate non-security execs on the many facets that support or hinder incident response. Identifying improvements in foundational processes like threat discovery and analysis could mean the difference between responding the same day or weeks later. If your board understands how these impact incident response, you’re more likely to get buy-in for those improvements.

  • Q. What protocols are in place to respond to a data breach?

A. Data breaches are fodder for front page news. If a breach occurs, you need to ensure the response extends beyond the IT department. Having policies in place before disaster strikes can limit reputation damage. Engage other departments like public relations, human resources, customer care and legal to implement a coordinated, cohesive response.

  • Q. Are we future-proof?

A. The answer is likely “no,” but in the constantly evolving threat landscape, enterprises and government agencies need to be looking to build resilient, more mature security organizations. You need to communicate to the board that a comprehensive program and not just a mish-mash of point solutions and ad hoc tasks is the key to agile, adaptive cybersecurity.

As security becomes increasingly intertwined with various business units within the organization, CISOs have more attention focused on their programs than ever before. With that comes the responsibility to effectively communicate their vision throughout the organization and answer the tough questions that will inevitably be thrown their way. Security may be a moving target, but if you can help your peers and the board understand that moving target, you’ll likely keep your seat at table for a long time.

Ravid_Circus

About the Author

Ravid Circus has more than 15 years of experience in the IT security and risk assessment industry, and is currently the Vice President of Products at Skybox® Security, a global leader in security analytics. Circus plays a pivotal role in Skybox product development, designing innovative solutions to meet industry pain points – a task as which he is particularly suited based on his previous role heading customer care.

Prior to Skybox Security, Circus worked for several years as an information security consultant. Circus received both his MBA and BSc in Computer Science.

Leave a Reply

(required)

(required)


ADVERTISEMENT

DTX ExCeL London

WomeninTech