On this week’s SecurityIntelligence podcast, host Nathan Cook teams up with a panel of security leaders from multiple IBM business partners, including Cisco Systems, Carbon Black, Fortinet, Palo Alto Networks and VMware, to get their take on the evolving role of chief information security officers (CISOs) in meeting key security challenges.
CISOs Face Emerging Security Challenges
Cook kicks off the discussion by asking the experts to share their thoughts on the top security concerns facing companies today. According to Dov Yoran, senior director at Cisco’s Security Business Group, the complexity of digital working environments — highlighted by the rise of ransomware and cryptocurrencies — are now key issues for the enterprise.
Chris Berninger, senior sales engineer at Carbon Black, meanwhile, points to customer concerns around a lack of knowledge: Organizations struggle to understand what’s happening, how to respond and how to determine the scope of security incidents. For Terry Ramos, vice president of business development at Palo Alto Networks, part of this problem stems from seemingly endless “conga lines” of security products — disparate solutions and services that don’t always work well together.
What’s Next in Cybersecurity?
When asked what the future holds for companies over the next few years, Ken Gosselin, managing director of global strategy at VMware, foresees a shift toward creating actionable protocols and developing remediation processes that actually work. Yoran, however, calls out the increasing cybersecurity skills gap.
And according to John Maddison, senior vice president of products and services at Fortinet, companies must focus on the growing digital attack surface, develop better visibility and improve integration to tackle both known and unknown threats.
Avoiding a Data Breach Headline
What are the hottest topics for CISOs in the boardroom right now? Berninger talks about “derisking” the enterprise to stay out of the headlines and avoid reputational damage. For Maddison, this creates a focus on developing better risk measurement metrics, while Yoran points to user protection mechanisms and cyberinsurance as current boardroom priorities.