The recent wave of ransomware attacks, WannaCry and Petya, was a nightmare for large conglomerates. As the dust settles on these malware outbreaks, it is worth looking at the top and emerging challenges for any organisation.
Clearly, at the top of the list are cyber security risks, particularly ransomware. What makes it difficult is the weaponisation of vulnerabilities: the ability of attackers to quickly (mis)use any vulnerability in a system by packaging the exploit into malware that is deployed with little effort and at large scale, locking down the environment and extorting money through channels such as Bitcoin.
What can we do in this scenario? While there are several steps that help prevent ransomware, the most important are comprehensive patch management, robust and tested backups of both system and user data, and pervasive, comprehensive threat management platforms.
Cloud, digitalisation, mobility and analytics have all brought tremendous business benefits. They have also left IT and risk professionals scrambling to work out where an organisation's crown jewels reside and how to protect them.
A solid and dynamic risk management framework will guide the business in adopting the technology and process controls needed to reach the optimal level of security.
In this context, this famous quote of Lord Kelvin often crops up:
“When you can measure what you are speaking about, and express it in numbers, you know something about it; but when you cannot measure it, when you cannot express it in numbers, your knowledge is of a meager and unsatisfactory kind; it may be the beginning of knowledge, but you have scarcely, in your thoughts, advanced to the stage of science, whatever the matter may be.”
If one does not know what is happening in the environment in terms of who, what, when, where, how and why, then at best you are surviving by chance.
The key to a managed environment is visibility, which allows you to take decisions and continually improve the environment. Security monitoring technologies, network threat analytics, user behaviour analytics tools and the like are handy here.
Any decent-sized organisation is accustomed to external assessments and certification audits that take a point-in-time measurement and report conformance. The key concern in this area is that the results are not real-time, or even close to real-time.
A cautious board, astute customers, a hungry media and strict regulators are all looking for organisations that truly know what is happening in their environment and how. This area calls for a careful balance of tool and process investments, so that compliance can be demonstrated while technology best practices are incorporated to prevent issues in the future.
People: did you hear "qualified"?
For all these technology controls to run effectively and efficiently, IT and security professionals with wide and in-depth knowledge are imperative. Security professionals are in short supply, both in number and in quality.
Handling this challenge will call for automation, a strong service-provider ecosystem and continuous upskilling of existing IT and security staff.
These are what I see as the top challenges for a CISO! What are yours?