
Think Tank: CISOs Discuss Evolving Cybersecurity Landscape

“Hats off to the CISOs!”  

These were the opening remarks Senior Principal Analyst and ESG Fellow Jon Oltsik used to greet the participants of our recent CISO Think Tank virtual event, a recognition appropriate for today’s security leaders who have faced extreme challenges and adversity over the past year alone due to COVID-19, not to mention the never-ending onslaught of ransomware attacks.   

The threat landscape has expanded, the number of threat actors and their persistence have increased to unprecedented levels, and the skills shortage has worsened. Not only do we lack the individuals to fill security positions, but we also don’t have the proper skills to meet our adversaries head-on.   

Kicking off our virtual roundtable to discuss such challenges, Jon led a group of security executives into a deep dive on their priorities, concerns, and expert knowledge surrounding today’s security threats. We had a lively discussion with CISOs on the front lines as they considered what effort it takes for organizations to combat the cyber risks plaguing industries today. Here’s what’s top of mind for today’s CISOs.  

The Evolution of Security Operations  

The stakes have always been high in the security industry, but we’re now seeing a deeper focus on analysis and metrics that push for proactive measures when it comes to protecting an organization’s environment. With ransomware attacks increasing exponentially in the past year, the attention of board members, executives, and employees not usually associated with security efforts is now bringing cyber initiatives to the forefront of business operations.

Don’t Neglect the Basics 

Too often the fundamentals of cyber hygiene don’t get the attention they deserve. Organizations are becoming inundated with new and innovative cyber tools entering the market, but it is crucial they take the time to determine exactly what their environments need before adding another product to their toolsets. Without this scrutiny, organizations will be blind to how their network is failing in the most rudimentary ways, alert fatigue will increase, and security professionals will continue to stay one step behind the next attack.    

Identify Risk – And Help Out Those Who Don’t 

As cybersecurity professionals, we’re used to looking at the world through a risk-based lens, but not all of our colleagues across the organization think this way. However, you need to understand both your environment and business and work with leaders around the organization to properly identify and categorize risk. This starts with a solid governance model that brings together business owners, senior leaders, and the security team to analyze the biggest risks to an organization. The whole leadership team should understand and be able to identify potential risks and the potential business impact. Security is a team sport.   

Zero Trust Collaboration 

Implementing a Zero Trust security model will look different for each organization. As two business partners begin to work together, it’s important to discuss exactly what such a model will look like to each of them, referencing the same resources to guide them in building that type of environment. Starting the conversation with a good frame of reference around each business’s definition of Zero Trust will become essential to continued proactive security measures. This conversation will need to address a single asset management system (where single sign-on and multi-factor authentication are required for all employees) and a focus not only on people but also on the devices that are connected to an organization’s network.

XDR Implementation 

Today’s increasingly complex technology ecosystem is driving demand for extended detection and response (XDR) from larger companies that have on-premises data centers. Prioritizing an open, vendor-agnostic approach to XDR, known as Open XDR, will allow for deep integration across best-of-breed tools from a diverse set of vendors, delivering the right combination of technology, field-validated content, and resource empowerment to increase visibility, reduce complexity, and manage risk.   

We’d like to extend a sincere thank-you to all of the panelists and participants of our recent CISO Think Tank discussion. The conversation served as a timely inflection point for the fearless security leaders, as well as members of the press who joined in the dialogue.   
