Below is a roundup of the some of the most popular cybersecurity stories from the past month.
Despite Growing Threats, Many Organizations Still Unprepared
The vast majority of organizations still lack a formal cybersecurity incident response plan (CSIRP) that’s applied consistently across the organization, according to a new report from the Ponemon Institute. Paradoxically, the institute’s third annual study on cyber resilience found that organizations feel much more positive about their readiness than they did last year.
The survey is a study in contrasts. Despite their newfound confidence, 57 percent of respondents said that it’s taking longer to resolve incidents. Meanwhile, just 31 percent said they had sufficient budget for cyber resilience and 29 percent reported having the ideal staffing level. Given the IT skills shortage, look to artificial intelligence (AI) and machine learning to help alleviate the crisis.
Are You Ready for Anything?
IBM Security General Manager Marc van Zadelhoff couldn’t have been more prescient when he stated in a March 27 blog post that “cybercriminals are stealing your data. You’re scrambling to respond, hustling to contain, scurrying to an emergency board meeting. … You may be thinking that this isn’t going to happen to you, but many recent headlines say otherwise.” Indeed, in the days immediately following his pronouncement, a bevy of new breaches splashed across the headlines.
If preventing a breach is becoming ever more difficult, is there any hope for organizations to recover and even thrive in the aftermath of a cyber incident? This topic was covered in depth at the IBM Think event last month, where speakers offered security professionals guidance on how to prepare for the if and respond to the when. In the keynote “Ready for Anything: Build a Cyber Resilient Organization,” experts explained how to prepare through practice and runbooks, and covered what skills you need to quickly stop the damage in a crisis, recover and resume operations.
Celebrating Women in Security
Bridgette Pepper never expected to pursue a career in security, even though she was good with technology and loved solving problems. She studied political science in college, intending to become a lawyer, but took a risk, switched majors and has never looked back. Pepper, who is now a project manager for global solution design at IBM Security, is one of six women interviewed in an article celebrating International Women’s Day. The diverse group included interns and senior IBM executives talking about what attracted them to cybersecurity. The thrill of constant change, solving problems and making a difference were common themes in their remarks.
Security Pros Get Their Own IBM Community
The bad guys are getting better at collaborating, so shouldn’t the good guys do the same? That’s the thinking behind the launch of the IBM Security Community, a place where security professionals can network with their peers, discuss cybersecurity news, learn about events and meetings, and improve their skills using IBM’s expanding portfolio of security products. The community will be run by its members, but IBM subject matter experts will be available to answer questions.
Guidance for the CISO
A good chief information security officer (CISO) is always open to taking advice or trying a new approach where an old one has proven unsuccessful. There were valuable insights in several recent articles that any CISO or security leader could benefit from.
In “Signs That Your Security Program Is Going Nowhere Fast,” Kevin Beaver explained how even organizations with the strongest security policies, most advanced tools and regular training are liable to overlook major security gaps. Instead of going through the motions, security leaders should set clear goals and measure the organization’s performance to identify areas in need of improvement. Otherwise, minor oversights can add up and become formidable challenges for the security team.
Meeting these goals requires buy-in from the entire enterprise, from the board of directors to rank-and-file employees. That’s why it’s crucial for the CISO to exert his or her influence within the organization to strengthen security culture, as Christophe Veltsos wrote in “Putting the ‘I’ in CISO: Why the Security Leader Must Become an Influencer.” Becoming an influencer doesn’t mean asserting absolute authority, however. Instead, the CISO must be proficient in the art of listening, forging strong alliances among line-of-business (LOB) managers and communicating the value of security in terms that executives can understand.
But before the CISO can communicate security concerns to lines of business, he or she must establish a proper framework to efficiently analyze threat intelligence and translate it into actionable insights. In “Security Intelligence at the Strategic, Operational and Tactical Levels,” Bob Gourley, a former naval intelligence officer, explained the differences between strategic, operational and tactical threat data and how they inform incident response planning, day-to-day decision-making and tactical operations during a breach.
Stay Tuned for More Cybersecurity News
Along with May flowers, April showers will inevitably bring new threats, trends and cybersecurity surprises. As we finally spring into a warmer season, stay tuned for more cybersecurity news next month.