Below is a roundup of the some of the most popular cybersecurity stories from the past month.

Despite Growing Threats, Many Organizations Still Unprepared

The vast majority of organizations still lack a formal cybersecurity incident response plan (CSIRP) that’s applied consistently across the organization, according to a new report from the Ponemon Institute. Paradoxically, the institute’s third annual study on cyber resilience found that organizations feel much more positive about their readiness than they did last year.

The survey is a study in contrasts. Despite their newfound confidence, 57 percent of respondents said that it’s taking longer to resolve incidents. Meanwhile, just 31 percent said they had sufficient budget for cyber resilience and 29 percent reported having the ideal staffing level. Given the IT skills shortage, look to artificial intelligence (AI) and machine learning to help alleviate the crisis.

Are You Ready for Anything?

IBM Security General Manager Marc van Zadelhoff couldn’t have been more prescient when he stated in a March 27 blog post that “cybercriminals are stealing your data. You’re scrambling to respond, hustling to contain, scurrying to an emergency board meeting. … You may be thinking that this isn’t going to happen to you, but many recent headlines say otherwise.” Indeed, in the days immediately following his pronouncement, a bevy of new breaches splashed across the headlines.

If preventing a breach is becoming ever more difficult, is there any hope for organizations to recover and even thrive in the aftermath of a cyber incident? This topic was covered in depth at the IBM Think event last month, where speakers offered security professionals guidance on how to prepare for the if and respond to the when. In the keynote “Ready for Anything: Build a Cyber Resilient Organization,” experts explained how to prepare through practice and runbooks, and covered what skills you need to quickly stop the damage in a crisis, recover and resume operations.

Celebrating Women in Security

Bridgette Pepper never expected to pursue a career in security, even though she was good with technology and loved solving problems. She studied political science in college, intending to become a lawyer, but took a risk, switched majors and has never looked back. Pepper, who is now a project manager for global solution design at IBM Security, is one of six women interviewed in an article celebrating International Women’s Day. The diverse group included interns and senior IBM executives talking about what attracted them to cybersecurity. The thrill of constant change, solving problems and making a difference were common themes in their remarks.

Speaking of making a difference, a panel of top IBM Security female executives also convened this month for a webinar titled “Why the Future for Women in Security Is Now.” A highly recommended watch for cybersecurity professionals of all levels and genders, this webinar offers powerful insights on the challenges facing the industry — but will nonetheless leave you feeling optimistic about what lies ahead.

Security Pros Get Their Own IBM Community

The bad guys are getting better at collaborating, so shouldn’t the good guys do the same? That’s the thinking behind the launch of the IBM Security Community, a place where security professionals can network with their peers, discuss cybersecurity news, learn about events and meetings, and improve their skills using IBM’s expanding portfolio of security products. The community will be run by its members, but IBM subject matter experts will be available to answer questions.

Guidance for the CISO

A good chief information security officer (CISO) is always open to taking advice or trying a new approach where an old one has proven unsuccessful. There were valuable insights in several recent articles that any CISO or security leader could benefit from.

In “Signs That Your Security Program Is Going Nowhere Fast,” Kevin Beaver explained how even organizations with the strongest security policies, most advanced tools and regular training are liable to overlook major security gaps. Instead of going through the motions, security leaders should set clear goals and measure the organization’s performance to identify areas in need of improvement. Otherwise, minor oversights can add up and become formidable challenges for the security team.

Meeting these goals requires buy-in from the entire enterprise, from the board of directors to rank-and-file employees. That’s why it’s crucial for the CISO to exert his or her influence within the organization to strengthen security culture, as Christophe Veltsos wrote in “Putting the ‘I’ in CISO: Why the Security Leader Must Become an Influencer.” Becoming an influencer doesn’t mean asserting absolute authority, however. Instead, the CISO must be proficient in the art of listening, forging strong alliances among line-of-business (LOB) managers and communicating the value of security in terms that executives can understand.

But before the CISO can communicate security concerns to lines of business, he or she must establish a proper framework to efficiently analyze threat intelligence and translate it into actionable insights. In “Security Intelligence at the Strategic, Operational and Tactical Levels,” Bob Gourley, a former naval intelligence officer, explained the differences between strategic, operational and tactical threat data and how they inform incident response planning, day-to-day decision-making and tactical operations during a breach.

Stay Tuned for More Cybersecurity News

Along with May flowers, April showers will inevitably bring new threats, trends and cybersecurity surprises. As we finally spring into a warmer season, stay tuned for more cybersecurity news next month.

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today