Our IT Executive Roundtables are invite-only events hosted by peers for peers that bring together a select group of senior IT leaders from across industries for topic-driven, intimate dialog on current trends and topics. The group met remotely to discuss critical security control automation, led by the CISO and VP of Information Security of a leading managed care company. This Session was sponsored by Teneo Group.
The threat of sophisticated cyberattacks, like ransomware and supply chain attacks, has made security a top priority for many organizations. They are investing in new tools and revamping internal processes, in an attempt to be truly secure. But what does true security really mean? And is the definition the same for every organization? How do you go about starting your security journey?
At the beginning of the discussion, attendees talked about the first step in creating a truly secure organization. A head of technology said that you couldn’t get anywhere in the security world without MFA. A director of information security added that visibility is fundamental to security. You can’t secure what you don’t know exists. A few executives remarked that you should start from the people and process side of things. Make sure all stakeholders understand what’s about to change.
A speaker told the audience that every organization perceives and implements security in a different way. Some determining factors are budget, infrastructural footprint, number of employees, data volume and nature, and compliance requirements. For example, a Fortune-25, highly regulated healthcare organization will have different security concerns from a mid-sized company that operates globally. There’s no one-size-fits-all strategy that any company can implement to enhance its security posture. You have to figure out your business’ priorities, requirements, and threats, and then chart your own path to true security.
Most participants agreed that if you don’t have full visibility, then nothing else matters. You could have the most experienced security team, resolute regulatory compliance, modern risk mitigation tools, and rigorous data privacy, but without 100% visibility across all your infrastructures, you will always be susceptible to compromise. A single unused cloud VM with elevated privileges that don’t appear in asset discovery could cause your entire ecosystem to go down. Modern visibility tools help you identify such zombie VMs and legacy applications running on your network.
An attendee stressed that visibility offers much more than just asset discovery. Modern visibility tools help in vulnerability management and mitigation by letting you filter out potentially vulnerable systems. They play a part in incident response by offering information related to the ownership of an asset, its interconnectivity, and the types of applications running on it. They also make it much easier for all relevant people to have access to asset information. Authorized personnel can simply log on to a portal and find all the answers they need about the network, for example, how many VMs are provisioned on a cloud account, how many wireless devices are active, or which assets were recently decommissioned.
The difficulty of juggling multiple tools manifests in increased complexity, soaring costs, and potential security vulnerabilities. Consolidation of these tools is essential and needs a process that requires strategic planning to reduce complexity and enhance efficiency.