This post is part of our CISO Counsel series - where security experts provide insights specifically for security leaders.
CISOs have one of the most difficult jobs in the cybersecurity industry. They are typically responsible for developing and implementing an organization's information security policies and procedures, including security awareness programs and incident response. They also oversee the deployment of security technologies such as firewalls, intrusion detection and prevention systems, and encryption, to protect the organization's data and networks from threats, and this is just the tip of the iceberg. To be successful in this role, a CISO must also stay up to date with the latest security trends, technologies, and regulations.
We sat down with Stan Black, CISO at Delinea, to discuss top threats, challenges, and solutions that CISOs should be thinking about.

With over two decades of experience in cyber security, what is some advice you would offer to new CISOs looking to grow in their careers? Any tips for preventing CISO burnout?
The CISO role is evolving beyond its traditional focus on technology and cybersecurity. CISOs are not just responsible for IT anymore; they must understand all aspects of the business across legal, marketing, engineering, etc. Even more, CISOs must understand the challenges and requirements of the customer and be an enabling partner to the customer’s entire organization and partner ecosystem.
With a never-ending list of tasks, it is crucial for CISOs to pick their battles strategically and prioritize risks. There will likely be times when you may feel inclined to compromise on security measures to meet business goals or deadlines, but it is important to identify the core security items that you will not compromise on and to always keep the customer top of mind. To get an honest assessment of priorities, it is necessary to start with the customer first – look at the customer’s needs and work backward from there to build partnerships and increase customer satisfaction.
The CISO role is continuously evolving, and with responsibilities that cut across the entire business, it is easy to feel burnout. My advice for preventing burnout across the entire IT team, including the CISO, is to invest in seamless technology that automates tasks while limiting human error.
Automation takes basic tasks out of human hands, and can work tirelessly around the clock. This takes some of the stress away from CISOs and IT teams, not only by freeing up time but also completing these tasks more securely and reliably.
Cyberthreats are continuously increasing and will not be slowing down any time soon. What advice do you have for organizations looking to enhance their cybersecurity strategies?
While security breaches are increasing in number, it is important to recognize that most of the time, they can be avoided. What do the majority of breaches have in common? Access. Most of the time, compromised credentials and privileged access abuse are the cause of these breaches.
To effectively prevent security breaches, organizations must make protecting their data and the data of their customers a top priority. Because most breaches involve compromised credentials to access data, it is important that organizations are investing in identity-centric solutions designed to secure hybrid- and multi-cloud infrastructure.
Organizations looking to enhance their cybersecurity strategies should invest in a proactive approach to security. By properly managing access rights for all identities, organizations can proactively secure their business. One of the best ways to do this is by investing in a modern Privileged Access Management (PAM) solution.
A PAM solution centralizes fragmented identities, secures privileged access, improves compliance visibility and ultimately reduces risk and lowers costs. Modern PAM solutions make access very difficult for attackers and can stop the cyberattack chain. PAM allows only the right people to access the correct application while enforcing least privilege, so they only get access to what they need, when they need it, after they’ve been properly authenticated.
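The controls described in that answer (entitlement to a specific target, step-up authentication before elevation, a bounded time window, and a per-use check with no standing privilege to fall back on) can be shown as a small decision engine. The following is an added example written for this page; it is not Delinea's code or any vendor's API. The entitlement table, identities, targets and the `Broker` class are all constructed for illustration.

```python
"""Constructed model of just-in-time, least-privilege privileged access.

Identities hold no standing privilege. A privileged session is granted
only to a role entitled to that exact (target, privilege) pair, only after
step-up authentication, and only for a bounded window; every later use is
re-checked against a live grant. A stolen password alone therefore does
not open a privileged session.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Constructed entitlement table: (role, target, privilege) tuples a role may
# *request*. Entitlement is not access; only a live, time-bound grant is.
ENTITLEMENTS = {
    ("dba", "prod-db-01", "sudo"),
    ("sre", "prod-db-01", "ssh"),
    ("sre", "prod-web-01", "ssh"),
}


@dataclass(frozen=True)
class Identity:
    name: str
    roles: frozenset
    mfa_verified: bool  # step-up authentication completed for this session


@dataclass(frozen=True)
class Grant:
    identity: str
    target: str
    privilege: str
    expires_at: datetime


@dataclass
class Broker:
    """Hypothetical PAM broker: issues and checks JIT grants, logs every decision."""
    max_ttl: timedelta = timedelta(hours=1)
    grants: list = field(default_factory=list)
    audit: list = field(default_factory=list)

    def _log(self, who, target, privilege, decision, reason):
        self.audit.append((who, target, privilege, decision, reason))
        return decision, reason

    def request(self, who, target, privilege, ttl, now):
        """Evaluate a JIT elevation request. Returns (granted, reason)."""
        if not who.mfa_verified:
            return self._log(who.name, target, privilege, False, "mfa required")
        if not any((r, target, privilege) in ENTITLEMENTS for r in who.roles):
            return self._log(who.name, target, privilege, False, "not entitled")
        if ttl > self.max_ttl:
            return self._log(who.name, target, privilege, False, "ttl exceeds policy")
        self.grants.append(Grant(who.name, target, privilege, now + ttl))
        return self._log(who.name, target, privilege, True, "granted")

    def authorize(self, who, target, privilege, now):
        """Per-use check: the session must be MFA-bound and hold a live grant."""
        if not who.mfa_verified:
            return self._log(who.name, target, privilege, False, "mfa required")
        for g in self.grants:
            if (g.identity, g.target, g.privilege) == (who.name, target, privilege) \
                    and now < g.expires_at:
                return self._log(who.name, target, privilege, True, "live grant")
        # Expired or absent grant: there is no standing privilege to fall back on.
        return self._log(who.name, target, privilege, False, "no live grant")


def demo():
    """Walk the scenarios from the text; returns each decision for inspection."""
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    broker = Broker()
    alice = Identity("alice", frozenset({"dba"}), mfa_verified=True)
    # Attacker replaying alice's stolen password: no step-up authentication.
    stolen = Identity("alice", frozenset({"dba"}), mfa_verified=False)
    half_hour = timedelta(minutes=30)
    r = {}
    r["stolen_cred"] = broker.request(stolen, "prod-db-01", "sudo", half_hour, t0)
    r["wrong_target"] = broker.request(alice, "prod-web-01", "ssh", half_hour, t0)
    r["grant"] = broker.request(alice, "prod-db-01", "sudo", half_hour, t0)
    r["in_window"] = broker.authorize(alice, "prod-db-01", "sudo", t0 + timedelta(minutes=10))
    r["stolen_after_grant"] = broker.authorize(stolen, "prod-db-01", "sudo", t0 + timedelta(minutes=10))
    r["after_expiry"] = broker.authorize(alice, "prod-db-01", "sudo", t0 + timedelta(minutes=31))
    return r


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:19s} {'ALLOW' if ok else 'DENY':5s} {why}")
```

The point to take from the walk-through is that the same account name appears in every scenario: what separates the allowed session from the denied ones is not the credential but whether the request is entitled, MFA-bound and inside its window, which is exactly where a compromised password stops being useful to an attacker. The audit list is populated on every decision, granted or denied, because the denials are what a SOC wants to see.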
What are some best practices for selecting a cyber insurance plan and why is having one so important?
Cyber insurance is not really an option for most organizations anymore, no matter if you are a public or privately owned company. The increase in cybercrime has shown that most organizations and their employees are still not doing enough to protect themselves and reduce risk. It’s not a matter of if they’ll have a cybersecurity incident, it’s a matter of when. Cyber insurance provides additional peace of mind and protection from financially detrimental losses.
When selecting a cyber insurance plan, it is important to realize that not all cyber insurance policies are equal. For example, how “incidents” are defined can vary greatly, and breaches vs. incidents have very specific criteria. Clarity on language and definitions is very important.
A recent survey by Delinea found that many things you would think would obviously be covered are not covered by a majority of cyber insurance policies. For example, only 36% covered incident response, 29% covered legal costs, and 28% covered ransomware payments. It’s important to make sure to have a clear understanding of how things are defined and truly covered by the policy.
What is the biggest challenge you’ve seen organizations face when it comes to securing their workloads, especially with a remote workforce?
While there are many benefits to enabling a remote or hybrid workforce, securing remote access for all employees can be a challenge - one compromised credential could result in significant financial and reputational damage. Many companies have overlooked the requirement for secure remote access for privileged users, who possess access to confidential information and systems. With the complexity of hybrid cloud, multi-cloud and on-premises infrastructures, it becomes more challenging for IT teams to manage and secure remote privileged access using conventional access management methods. Enterprises require a solution that grants authorized users secure access to IT resources while preventing unauthorized access from attackers.
When looking at ways to secure these remote workforces, I believe organizations must shift their perspective on cybersecurity, viewing it as a business risk rather than solely a technology risk. The security of the business should be prioritized by all departments, not just IT. The effects of security breaches reach every aspect of a business, and it is crucial for leaders across all departments to understand that their decisions impact the overall security of the organization on a daily basis. Business leaders across departments must make cybersecurity a top priority and invest in the tools and resources to ensure their businesses are protected. They must ensure their staff can stay productive and maintain secure access whether they are accessing remote systems, critical applications, infrastructure, or data - whether on-premises, remote or hybrid.