Our Roundtable Sessions are invite-only events hosted by peers for peers that bring together a select group of senior IT leaders from across industries for topic-driven, intimate dialog on current trends and topics. We hosted this Session featuring a group of CXOs and other IT executives. The group met remotely to discuss designing a new path forward focusing on cybersecurity resiliency, led by the CISO for a national museum. This Session was sponsored by The Teneo Group & Check Point.
Since early 2020, we have seen an exponential rise in the number of cyberattacks. As a result, businesses need to reassess their security policies, practices, and tools and design a new path towards cybersecurity resiliency. Unfortunately, only relying on firewalls and taking a preventive approach can cost you millions and jeopardize your company’s reputation. Investing in modern AI-powered solutions can help you in the early detection and prevention of cyberattacks before they become an uncontrollable issue.
A CISO recounted their organization’s cybersecurity journey. Back in 2015, after the organization did poorly in a security audit, they were brought in to improve the security posture. The first thing they did was implement multi-factor authentication. Then, they performed an organization-wide analysis of data and devices, categorizing everything based on criticality. Investments into XDR and EDR products were also made. Recently, they have introduced tools powered by artificial intelligence to take things up another notch. One major challenge they were facing was that nobody was sharing information with others; there were too many silos! To overcome this, they created an information security committee, which facilitated disseminating information across the organization. Ever since COVID and the rise in ransomware attacks, they have been able to convince their board to increase their cybersecurity budgets. The importance of being on good terms with your board members can’t be overstated.
An executive said that it’s mainly the larger enterprises leaning towards machine learning and AI-based security solutions. They don’t have enough personnel nor enough time to detect and prevent attacks manually. In addition, today’s cyberattacks spread across a network very quickly, even if you use network segmentation. As a result, it’s become imperative to rely on tools for real-time intrusion detection and response. Unfortunately, there is just too much data, sometimes multiple petabytes, and humans can’t understand or process it efficiently. But, of course, humans are still part of the equation. They are the ones defining policies and configurations that the tools must conform to.
Conversely, small businesses prefer the traditional cybersecurity tools simply because the modern solutions are still relatively expensive. However, as more and more machine learning tools enter the market, we can expect the prices to come down, which may increase small business adoption.
A participant shared that they have embedded security team members with all the departments within their organization. This gives the security team a voice and ensures that any-and-all digital transformation efforts are made securely. For example, if multiple new applications are being developed, integrating a secure coding tool can help eliminate any risks and vulnerabilities in the early stages.
Multiple attendees agreed that cybersecurity teams must work closely with the rest of the organization. One exec said that they want cybersecurity team members to become “trusted advisors” to the business.
The value of reliable metrics emerges as a key theme in the technology landscape, providing critical insights into an organization's security posture and guiding action prioritization. Yet, a need for ongoing refinement and enhancement underscores the importance of these metrics' accuracy, reliability, and comprehensiveness to address potential risks effectively.
Virtually every business in the world has to deal with third parties. Whether you want to host something in the cloud or want a collaboration tool for your remote workforce, it’s much more feasible to seek a third-party product or service instead of reinventing the wheel.