SlideShare a Scribd company logo

Cybersecurity - Whose responsibility is it?

Armor
Armor

Who is responsible for security in the enterprise? Every company takes a different approach, but in many cases, accountability and authority do not reside in the same role. When this happens, it’s hard to tell who is responsible for securing digital assets. No wonder executives are worried.

Technology
1 of 15
Download to read offline
@ARMOR | ARMOR.COM | PAGE 1PAGE 1 Cybersecurity — Whose responsibility is it? IDENTIFYING ACCOUNTABILITY GAPS FOR TRUE COMPREHENSIVE CYBERSECURITY
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 2 Everyone sells security tools A tool seems like the obvious solution to a security problem; tools can be easily bought and easily bolted on to existing security systems to defend against emerging threats. Yet the numbers of breaches that are splattered across the headlines every week provide evidence that tools are not the answer. Enterprise executives recognize that their expenditures on tools are not necessarily in proportion to the security of their assets. Despite the fact that the market is saturated with security tools, the vendors that sell them are not willing to bear the risk of guaranteeing outcomes. After an enterprise makes its purchase, the vendor’s participation ends and the buyer is left on its own to implement and manage the tool. No other industry places such a heavy burden on its customers. Is the problem faulty tools? It is not. The tools can only work as well as the security professionals who use them every day to monitor, identify and resolve network anomalies. But a shortage of cybersecurity talent makes it hard to find qualified security experts to run daily security operations. And staffing is not the only people problem that impacts network security; the way that most corporations structure their leadership does not support the culture of security that is fundamental to a strong proactive posture. No wonder executives are worried. “Tools can only work as well as the security professionals who use them every day to monitor, identify and resolve network anomalies.”
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 3 Who is responsible for security? Who is responsible for security in the enterprise? Every company takes a different approach, but in many cases, accountability and authority do not reside in the same role. When this happens, it’s hard to tell who is responsible for securing digital assets. Security ownership is a game of Hot Potato Executive leaders are business experts. Their job is not to understand how security operations work, and so they may not know the best way to delegate authority for security activities. The obvious role to own responsibility for security is that of a technology executive, and that’s who is often in charge of securing the enterprise — at least nominally. However, not all technology executives understand security operations, and those who do may not have the influence needed to sponsor strong initiatives or command necessary resources. IT managers are often thrust into the role of security manager, but IT and security are different areas of expertise. An IT manager may not be able to get the training necessary to fully understand and manage security operations, and/or may not have the clout to make the organization-wide changes that are the heart of true security. Some enterprises rely on vendors to protect their enterprises. However, security is not a technical problem. Security is a strategy that has to be built into every aspect of the business. Real security cannot simply be purchased; it has to be developed, even when partnering with a trusted vendor. “Security is not a technical problem. Security is a strategy that has to be built into every aspect of the business.”
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 4 CEOs & CFOs Chief executive officers and chief financial officers bear ultimate responsibility, but they must base highly technical decisions on advice from their security execs (if they have any), or from their CIO or IT executives. CEOs and CFOs rightly and properly have a mindset focused on their core business. Security is often considered an operational cost rather than a strategic investment. When this is the case, CEOs and CFOs often exclude security and IT professionals from the decision-making stage of business-critical software purchases; a recent survey showed that when choosing a cloud-based service,1 only 34 percent of business leaders involved IT in the decision-making process, and only 29 percent involved IT while deploying the service. As a result, it is unlikely that proper security audits were conducted prior to purchase. CSOs Chief security officers are responsible for all security in an organization, from customer data to door locks. They have the specialized knowledge needed to protect their organizations, but because CSOs do not usually report directly to the CEO, they may encounter difficulties in gaining the funding, purchasing authority and cross-enterprise support needed to implement an appropriate level of security A common perception in the C-Suite is that the CSO should be responsible for failures in security, but the C-Suite does not always give the CSO the authority to take action against such failures. CSOs are sometimes pigeon-holed as “techies” and, however incorrectly, are not perceived as having a deep knowledge of the business as a whole.3 This limits the ability of the CSO to be effective. CISOs Chief information security officers are responsible for aligning all information-related security initiatives with security programs and business objectives. However, the role of CISO is a new one, and it is constantly evolving. CISOs often report to and work closely with the CIO, which can hamper the CISO’s ability to remain independent during audits and IT decisions. CISOs are also at risk of having their decisions overridden by the supervising CIO.4 CIOs, CSOs & CISOs CIOs Chief information officers are responsible for all technology capabilities, but they may not be security experts. The people who fill this role tend to be risk-averse, a disposition that is at odds with the need to defend against a dynamic threat landscape; sometimes a choice must be made between a new approach and no approach at all. A CIO’s focus on technology can actually be a pitfall. Strong security has to be infused through an organization, from the security department to the business processes to the employee activities. Therefore, securing the enterprise requires more than a technical scope.2 1 Quick, 2013 2 Burgess, 2014 3 McKendrick, 2013 4 Sarkar, 2013
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 5 IT director To non-technical business leaders, security may be perceived as an IT responsibility. However, security encompasses more than information systems; it’s an enterprise-wide mindset, beyond the scope of information systems alone. IT managers are not security specialists and don’t have the specialized skills needed to manage security across the enterprise; at the same time, IT managers may be uncomfortable sharing control of IT systems with the security department. Also, IT managers naturally focus on building systems, and sometimes only add the security later; that can result in a leaky system.5 Because of their position on the org chart, IT managers are unlikely to have the authority to get the funding or wield the influence to work across lines of business to adequately secure the enterprise. Line-of-business managers According to a survey by Ponemon, 25 percent of organizations surveyed identified line-of-business (LOB) managers as responsible for security.6 This is a clear disconnect; while the individuals in these roles contribute to the overall security (or lack of security) of their organizations, they are not equipped with the technical knowledge or the influence to drive security. LOB managers are typically eager to implement business software to improve their processes. They need to be conditioned to bring security on board early in the software selection process, in the same way that they work with the IT department. These individuals also play an important role in communicating the need for security and enforcing security policies within their own departments. LOB managers need to be kept aware of current enterprise security initiatives so they can align their departments’ activities with them. Security vendors In a survey by Ponemon commissioned by Armor, one-third of IT and security professionals named their cloud provider as the entity most responsible for protecting sensitive data in the cloud.7 Respondents clarified that they trusted their cloud providers to protect data assets more effectively than their own enterprises, with 57 percent agreeing on this point. However, no vendor can ensure enterprise-wide security because no vendor has authority inside a customer’s organization. That said, vendors can do more to ensure customer success. Security vendors need to be clear about the assignment of security responsibilities. They can help develop processes and identify areas in which they can offer additional support, beyond simply implementing tools. 5 McKendrick, 2013 6 Ponemon Institute, 2015 7 McKendrick, 2013
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 6 Security breakdowns A look at an org chart can raise questions about where a breakdown in responsibility can occur. Currently, it is uncommon for enterprises to have a CSO who is at a level equal to that of a COO or CTO. Is this because the leadership does not see security as a strategic concern, or does leadership lack the information needed to make that connection? If security is not strategic, then it’s a cost center. And if security is a cost center, security managers are under pressure to prioritize cost savings over investing the appropriate budget in security. Focused on core business Responsible for technology, but not necessarily security Focused on internal systems, but not security specialists Focused on business processes Aligns security initiatives with programs and objectives Focused on leveraging technology to promote business Responsible for all security, both logical and physical IT DIRECTOR LINE-OF-BUSINESS MANAGERS CEO CFOCOO CIO CISO CSO CTO
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 7 The empty chair problem Over 200,000 security jobs are unfilled at any given moment.8 The common assumption is that this is a simple supply and demand problem; train more cybersecurity professionals and the problem will go away. Yet training is available, and there are plenty of computer-minded students who are eager to enter a career that will guarantee them their pick of jobs. But no matter how many students graduate from academic programs in cybersecurity, the shortage is going to continue for the next few years. The exact mix of certifications and training needed in a specific security operations center (SOC) is not likely to be possessed by a recent graduate. Classroom training does not prepare an individual to perform well on the job; rather, true security expertise is learned in the SOC, working on real threats on live systems under the tutelage of experienced analysts. For every 20 open security positions at a given company, there is only one qualified candidate9 — with the key word being qualified. And the problem goes deeper than a lack of warm bodies; rather, it is tightly coupled with the nature of security operations in an enterprise environment. The typical security analyst is anything but typical. A broad range of roles and skills are needed in a SOC, and it can be hard to understand how a candidate will fit into the mosaic of the SOC team until he or she is on the job and working. Also, as new threats emerge, new skills are needed to counter them — so this morning’s new hire may not have the certifications and experience to proactively defend against this afternoon’s malicious activities. Training comes after experience Cybersecurity training programs teach policy but do not focus strongly enough on technical expertise, so graduates have been taught concepts but cannot fix vulnerabilities. The most desirable experience a security professional can possess is a high level of real-world aptitude and understanding in a demanding environment. A background that includes work with government agencies like the U.S. Department of Defense, National Security Agency, Central Intelligence Agency or military intelligence is particularly in demand. Professionals with this experience have learned how to protect the nation’s most sensitive data from the world’s most vicious threat actors. They also bring another benefit to the enterprise; security professionals form what are called trust circles (or, more colorfully, fight clubs). Trust circles are professional networks focused on sharing the latest tactics, techniques and procedures, as well as alerting members to threats looming on the horizon. High-level trust circles are by invitation only, and potential new members are vetted before being asked to join. Membership in an advanced trust circle is of tremendous value to an individual analyst and, in turn, of tremendous value to that analyst’s employer. An analyst with a strong network in the cybersecurity community is always aware of impending dangers and equipped to proactively deter them. 8 Carapezza, 2015 9 Lemos, n.d.
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 8 All of these certifications take time to complete. For instance, depending on the amount of experience a candidate has, preparing for the CompTIA+ certification can take anywhere from two to 12 weeks. And all of these certifications must be refreshed periodically.Each certifying body has a different set of requirements,but the general parameters are that certifications must be retaken or proof of professional development demonstrated every 1-3 years. Imagine a SOC with a dozen high-salaried security analysts; how many will be offline each year? How many man-hours are going to be devoted to maintaining certifications? Because security professionals tend to learn their most useful skills on the job, entry-level employees may not be a good investment. Even entry-level certifications are based on the presumption of real-world experience; for instance, the CompTIA Security+ certification recommends candidates accrue two years of on-the-job (OTJ) experience and complete a network administration certification before taking the assessment. Another desirable entry-level certification, GIAC Security Essentials, offers training that starts at the 300 level — the equivalent of a third-year college course. The student must independently pick up the skills needed to certify at that level before preparing for the assessment. Most enterprises have immediate needs and do not want to invest two years in an uncertified employee before that employee can become qualified to do the job he’s being paid to do. But the alternative to an unprepared candidate might be no candidate, so companies that find individuals with these certifications should snap them up, even with the knowledge that the candidate will still need OTJ training, and also with the knowledge that a two-year investment does not guarantee the candidate will stay with the company long enough to ‘pay back’ the resources that were invested in his development. Beyond the basic certifications, the areas of expertise become highly fragmented. Every time a company needs to add a new skill to its team, it’s either going to have to remove a costly employee from daily work to prepare for a new certification, or it’s going to have to hire the skill into the team. Enterprises that are running specific platforms should look for vendor-specific certifications, such as the Cisco CCNA, EMC RSA or Symantec Certified Specialist. Certified Ethical Hacker (CEH) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Offensive Security Certified Professional (OSCP) Companies that need to add more advanced skills to their team will look for candidates with specific certifications.
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 9 Churn is a security risk Investing in these necessary certifications is a gamble. High demand drives high turnover, and the best security professionals have their pick of employers. Enterprises that don’t provide an attractive environment for their security professionals will have a hard time hanging onto them. Churn in the security department is a different beast than churn in any other department — it poses a threat to the enterprise. The cost of continual recruitment and the burden of onboarding are the obvious drawbacks to managing a high-churn staff, but more important, and more dangerous, are the loss of historical knowledge, the fragmentation of the team as new members are constantly introduced, and the drain on morale that creates a vicious circle of churn driving more churn. Go to the experts Enterprises lacking the resources to hire and retain their own security teams do have other options — cloud and managed services. Managed secure cloud providers and elite cybersecurity vendors are able to attract and retain the most highly-skilled professionals available, including those with deep experience in sensitive environments such as government defense agencies. Talented and well-connected professionals can work anywhere they choose, and they tend to choose environments in which their skills are the core business; these are the places that can offer them the best career paths and compensation packages. By utilizing a managed secure cloud provider, an enterprise gains access to the top talent in the industry without the burden of attracting and retaining costly personnel. Processes and techniques are the basis for proactive stances Threat actors are not focused on penetrating a particular network device. The device is merely the path to their true target, which are the processes a business uses to handle: • Personally identifiable information (PII) • Product development • Customer data • Financial transactions • And other sensitive data Think of technology as a hammer. A hammer doesn’t build a house; a skilled worker uses a hammer to build a house. Likewise, security technology alone doesn’t protect the enterprise; it is just a tool used by experts, and a strategy can’t be based on a tool. It needs to be paired with the right talent and proven processes in order to be effective. A good strategy is holistic, infused throughout the enterprise. The problem with buying tools is that vendors who sell tools do not sell success. They are moving units, while a secure enterprise needs its vendors to partner with it, helping to safeguard processes, define roles and responsibilities, and communicate security messages to the workforce as a whole.
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 10 The contextual intelligence will drive the next step: the threat remediation process. When techniques, tactics and procedures are identified, remediation can begin and future attacks can be prevented. Clearly, no tool alone — and no bank of tools — can protect against all threats. People commit bad acts, and people are the final defense against those bad actors. Security is a team effort. Get the support necessary to lock down entry points and respond if an intrusion occurs. A capable vendor will be able to provide guidance on how to dovetail business processes, accountability structures and technical solutions to create an effective security posture.10 To foster a culture of security, think beyond tools and look for a vendor that is willing to carry some of the burden. The security team needs visibility into business processes in order to strategize and implement appropriate security policies. If R&D is developing on a test server, that server needs to be known to security. If marketing is subscribing to a new SaaS product, security needs to conduct an application security audit. Policies should be developed in meetings between security and LOB managers to review how work is accomplished. This involves a series of steps, such as: • Inventory systems • Document workflow • Develop test cases • Identify vulnerabilities With this type of information, a solid security policy can be developed. The policy should preserve security without smothering productivity; overly strict policies tend to be ignored, so they’re a vulnerability in themselves. When an instance of unauthorized access has been identified, a process must be in place that defines next steps. Threat intelligence must be collected. The process should state how to capture data, which data is preserved, and how the data will be placed in context in order to be transformed into useful intelligence. What if data is ransomed? What if a DDOS attack is launched? What if a disgruntled insider sabotages critical systems? Processes should include what-if scenarios. ? ? ? 10 Jordan, 2014
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 11 The healthy org In an organization with healthy security, the enterprise considers security to be a strategic part of the business. The enterprise has a clear line of accountability for security issues,11 ending with the CSO. The characteristics of an organization using its CSO fully are that the CSO: • Reports directly to the CEO • Is an influential executive • Has the authority to ensure security operations are adequately funded • Has ownership of the security framework, but the entire enterprise has accountability for managing security across lines of business and within business processes In companies that do not yet have a CSO, the CEO should take the lead in fostering security throughout the enterprise. The CEO is a more appropriate point person than the CIO because security is not a technology risk — it’s a business risk. All executive officers should support security initiatives throughout the enterprise. LOB managers should be willing to share their work processes and application inventory with the security department. The entire enterprise should be security-conscious. Protecting sensitive data is everyone’s responsibility, from the CEO to the temp at the front desk: a ‘culture of security’ must be overtly fostered in all corporate activities and communications. In support of a culture of security, cybersecurity training should be part of the onboarding process for all employees, and continuing cybersecurity awareness part of the corporate culture. “Theentireenterprise shouldbe security- conscious. Protecting sensitivedatais everyone’sresponsibility, fromtheCEOtothe tempatthefrontdesk.” 11 Ibid.
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 12 The enterprise should have a centrally managed 24/7 security department. Not all companies can make a strong business case for an investment of this size; security operations are both costly and complicated to staff and run. For businesses unwilling or unable to dive this deeply into security, the best strategy is to outsource security operations to a security provider who is an expert in delivering more than tools to the enterprise; the provider should be a partner who continually works both for and within the enterprise to strengthen its security posture. In a healthy organization, specific security roles and responsibilities are defined. The individuals in these roles have the authority necessary to ensure the security of the enterprise. If on-premises, the security department must be staffed with the appropriate number of skilled and certified specialists. A formal plan should exist to ensure the security staff receives ongoing training and certification without affecting daily operations. Ideally, there should also be a plan to scale the number and skills-focus of the security staff to respond to a critical threat. Vendors should be selected based more on how they can support security processes than on the tools they offer. Vendors should be willing and able to engage in an ongoing relationship with the enterprise, taking on the role of security partner. “Forbusinesses unwillingorunable todivethisdeeply intosecurity,thebest strategyistooutsource securityoperationsto asecurityprovider whoisanexpertin deliveringmorethan toolstotheenterprise.”
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 13 Blend talent and technique Although investment in full-time cybersecurity professionals has doubled, it’s still too little and too small a percentage of overall IT. However, no amount of money can fix a broken process or place responsibility where it can do the most good — those decisions belong to the enterprise leaders. True cybersecurity requires a top-down commitment. The structure of the security department needs to include outreach into all parts of the organization to establish practical and effective security policies. But enterprises should not feel compelled to figure everything out on their own. Most companies are not security experts, but they are experts on their own businesses; leverage that knowledge when working with a vendor, and partner together to align business processes with security operations. The right vendor will provide more than tools; it will provide expert help on processes and techniques, and will share risk and deliver outcomes. A culture of security does not appear out of thin air, and there is no template that applies to every business. Each enterprise has to make an organization-wide effort to identify the roles and responsibilities — and the policies and processes — that make the most sense for its business model and strategy, as well as its likely threats. The right vendor will provide more than tools; it will provide expert help on processes and techniques, and will share risk and deliver outcomes.
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 14 Works Cited • Burgess, C., 2014. What Is the Role of Today’s CISOs? 7 Questions Business Leaders Are Asking. [Online] Available at: https://securityintelligence.com/what-is-the-role-of-todays-cisos-7-questions-business-leaders-are-asking/#.VcsF_flViko [Accessed 10 August 2015]. • Carapezza, K., 2015. With more than 200,000 unfilled jobs, colleges push cybersecurity. [Online] Available at: a. http://www.pbs.org/newshour/updates/college-struggle-keep-pace-need-cyber-soliders/ [Accessed 11 August 2015]. • Jordan, S., 2014. A Roadmap for CIOs & CSOs After the Year of the Mega Breach. [Online] Available at: http://www.darkreading.com/attacks-breaches/a-roadmap-for-cios-and-csos-after-the-year-of-the-mega-breach/a/d-id/1269679 [Accessed 10 August 2015]. • Lemos, R., n.d. Bridging the IT security skills gap. [Online] Available at: http://searchsecurity.techtarget.com/feature/Bridging-the-IT-security-skills-gap [Accessed 10 August 2015]. • McKendrick, J., 2013. Enterprises’ Security Practices Not Keeping Pace With Cloud Growth, Studies Find. [Online] Available at: http://www.forbes.com/sites/joemckendrick/2013/06/29/enterprises-security-practices-not-keeping-pace-with-cloud-growth-studies-find/ [Accessed 10 August 2015]. • Ponemon Institute, 2015. Cloud Security: Getting It Right, s.l.: Ponemon Institute. • Quick, R., 2013. Enterprise Cloud security: What are the risks and what you can do about them?. [Online] Available at: http://thenextweb.com/insider/2013/09/20/enterprise-cloud-security-what-are-the-risks-and-what-you-can-do-about-them/ [Accessed 10 August 2015]. • Sarkar, D., 2013. 5 Common Challenges Faced By Indian CISOs. [Online] Available at: http://www.cioandleader.com/articles/17995/5-common-challenges-faced-by-indian-cisos [Accessed 10 August 2015]. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT?
FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 15 US 2360 Campbell Creek Boulevard, Suite 525, Richardson, Texas 75082 | Phone: +1 877 262 3473 UK 268 Bath Road, Slough, Berkshire SL1 4AX | Phone: +44 800 500 3167 © ARMOR 2016. All rights reserved. US 2360 Campbell Creek Boulevard, Suite 525, Richardson, Texas 75082 | Phone: +1 877 262 3473 UK 268 Bath Road, Slough, Berkshire SL1 4AX | Phone: +44 800 500 3167 © ARMOR 2016. All rights reserved.

Recommended

Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
David Sweigert
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
Ricardo Resnik
 
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALDefending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Michael Bunn
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber Criminals
David Sweigert
 
10 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 202110 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 2021
insightscare
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General Audience
Tom K
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chain
Symantec Brasil
 
Cyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedCyber Defense Matrix: Reloaded
Cyber Defense Matrix: Reloaded
Sounil Yu
 

Recommended

Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
David Sweigert
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
Ricardo Resnik
 
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALDefending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Michael Bunn
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber Criminals
David Sweigert
 
10 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 202110 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 2021
insightscare
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General Audience
Tom K
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chain
Symantec Brasil
 
Cyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedCyber Defense Matrix: Reloaded
Cyber Defense Matrix: Reloaded
Sounil Yu
 
Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service
Netpluz Asia Pte Ltd
 
AI for Ransomware Detection & Prevention Insights from Patents
AI for Ransomware Detection & Prevention Insights from PatentsAI for Ransomware Detection & Prevention Insights from Patents
AI for Ransomware Detection & Prevention Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to SuccessAddressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Sirius
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software Development
ConSanFrancisco123
 
Ransomware 2020 Report
Ransomware 2020 ReportRansomware 2020 Report
Ransomware 2020 Report
Fortis
 
Ransomware Response Guide IBM INCIDENT RESPONSE SERVICES
Ransomware Response Guide IBM INCIDENT RESPONSE SERVICESRansomware Response Guide IBM INCIDENT RESPONSE SERVICES
Ransomware Response Guide IBM INCIDENT RESPONSE SERVICES
Katherine Duffy
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Sounil Yu
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye, Inc.
 
DATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPARED
DATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPAREDDATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPARED
DATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPARED
Priyanka Aash
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of Compromise
FireEye, Inc.
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
Sylvain Martinez
 
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
South Tyrol Free Software Conference
 
Preserving the Privilege during Breach Response
Preserving the Privilege during Breach ResponsePreserving the Privilege during Breach Response
Preserving the Privilege during Breach Response
Priyanka Aash
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
Cisco Security
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
African Cyber Security Summit
 
The Board and Cyber Security
The Board and Cyber SecurityThe Board and Cyber Security
The Board and Cyber Security
FireEye, Inc.
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
Rahul Neel Mani
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial Institutions
Khawar Nehal khawar.nehal@atrc.net.pk
 
Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant
Armor
 
Keys To Better Data Security In the Cloud
Keys To Better Data Security In the CloudKeys To Better Data Security In the Cloud
Keys To Better Data Security In the Cloud
Armor
 

More Related Content

What's hot

Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to SuccessAddressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Sirius
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software Development
ConSanFrancisco123
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 

What's hot (20)

Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service
 
AI for Ransomware Detection & Prevention Insights from Patents
AI for Ransomware Detection & Prevention Insights from PatentsAI for Ransomware Detection & Prevention Insights from Patents
AI for Ransomware Detection & Prevention Insights from Patents
 
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to SuccessAddressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to Success
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software Development
 
Ransomware 2020 Report
Ransomware 2020 ReportRansomware 2020 Report
Ransomware 2020 Report
 
Ransomware Response Guide IBM INCIDENT RESPONSE SERVICES
Ransomware Response Guide IBM INCIDENT RESPONSE SERVICESRansomware Response Guide IBM INCIDENT RESPONSE SERVICES
Ransomware Response Guide IBM INCIDENT RESPONSE SERVICES
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
 
DATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPARED
DATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPAREDDATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPARED
DATA BREACH LITIGATION HOW TO AVOID IT AND BE BETTER PREPARED
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of Compromise
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
 
Preserving the Privilege during Breach Response
Preserving the Privilege during Breach ResponsePreserving the Privilege during Breach Response
Preserving the Privilege during Breach Response
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 
The Board and Cyber Security
The Board and Cyber SecurityThe Board and Cyber Security
The Board and Cyber Security
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial Institutions
 

Viewers also liked

Viewers also liked (7)

Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant Firehost Webinar: Getting Hipaa Compliant
Firehost Webinar: Getting Hipaa Compliant
 
Keys To Better Data Security In the Cloud
Keys To Better Data Security In the CloudKeys To Better Data Security In the Cloud
Keys To Better Data Security In the Cloud
 
With FireHost You Can Have it All: Performance & Security
With FireHost You Can Have it All: Performance & SecurityWith FireHost You Can Have it All: Performance & Security
With FireHost You Can Have it All: Performance & Security
 
Firehost Webinar: Hipaa Compliance 101 Part 2- Your Organizational Impact
Firehost Webinar: Hipaa Compliance 101 Part 2- Your Organizational ImpactFirehost Webinar: Hipaa Compliance 101 Part 2- Your Organizational Impact
Firehost Webinar: Hipaa Compliance 101 Part 2- Your Organizational Impact
 
Case Study - Currency from the Cloud: Security & Compliance for Payment Provider
Case Study - Currency from the Cloud: Security & Compliance for Payment ProviderCase Study - Currency from the Cloud: Security & Compliance for Payment Provider
Case Study - Currency from the Cloud: Security & Compliance for Payment Provider
 
Getting Ready for PCI DSS 3.0
Getting Ready for PCI DSS 3.0Getting Ready for PCI DSS 3.0
Getting Ready for PCI DSS 3.0
 
The Cloud Crossover
The Cloud CrossoverThe Cloud Crossover
The Cloud Crossover
 

Similar to Cybersecurity - Whose responsibility is it?

A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
Daren Dunkel
 
Insights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer AssessmentInsights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer Assessment
IBM Security
 
cybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-mattcybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-matt
Yigal Behar
 
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldRSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
EMC
 
Priming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraPriming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive era
Luke Farrell
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
Laurie Mosca-Cocca
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respond
Lydia Shepherd
 
Information Security Governance at Board and Executive Level
Information Security Governance at Board and Executive LevelInformation Security Governance at Board and Executive Level
Information Security Governance at Board and Executive Level
Koen Maris
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
John Budriss
 

Similar to Cybersecurity - Whose responsibility is it? (20)

A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
Finding a strategic voice
Finding a strategic voiceFinding a strategic voice
Finding a strategic voice
 
Insights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer AssessmentInsights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer Assessment
 
Cybersecurity: Perceptions & Practices
Cybersecurity: Perceptions & PracticesCybersecurity: Perceptions & Practices
Cybersecurity: Perceptions & Practices
 
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams
 
cybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-mattcybersecurity-in-the-c-suite-a-matt
cybersecurity-in-the-c-suite-a-matt
 
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldRSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
 
State of Security McAfee Study
State of Security McAfee StudyState of Security McAfee Study
State of Security McAfee Study
 
Priming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraPriming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive era
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respond
 
Information Security Governance at Board and Executive Level
Information Security Governance at Board and Executive LevelInformation Security Governance at Board and Executive Level
Information Security Governance at Board and Executive Level
 
IT Executive Guide to Security Intelligence
IT Executive Guide to Security IntelligenceIT Executive Guide to Security Intelligence
IT Executive Guide to Security Intelligence
 
For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10For Corporate Boards, a Cyber Security Top 10
For Corporate Boards, a Cyber Security Top 10
 
Assessing and Managing IT Security Risks
Assessing and Managing IT Security RisksAssessing and Managing IT Security Risks
Assessing and Managing IT Security Risks
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
 
Rogers eBook Security
Rogers eBook SecurityRogers eBook Security
Rogers eBook Security
 
Metrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in CommunicationMetrics & Reporting - A Failure in Communication
Metrics & Reporting - A Failure in Communication
 

More from Armor

Cloud Computing Best Practices
Cloud Computing Best PracticesCloud Computing Best Practices
Cloud Computing Best Practices
Armor
 

More from Armor (15)

Security Operations in the Cloud
Security Operations in the CloudSecurity Operations in the Cloud
Security Operations in the Cloud
 
Ransomware
Ransomware Ransomware
Ransomware
 
FireHost Webinar: HealthData Repository Deconstructed
FireHost Webinar: HealthData Repository DeconstructedFireHost Webinar: HealthData Repository Deconstructed
FireHost Webinar: HealthData Repository Deconstructed
 
FireHost Webinar: The Service You Should Expect in the Cloud
FireHost Webinar: The Service You Should Expect in the CloudFireHost Webinar: The Service You Should Expect in the Cloud
FireHost Webinar: The Service You Should Expect in the Cloud
 
Making Sense of Security and Compliance
Making Sense of Security and ComplianceMaking Sense of Security and Compliance
Making Sense of Security and Compliance
 
Firehost Webinar: How a Secure High Performance Cloud Powers Applications
Firehost Webinar: How a Secure High Performance Cloud Powers ApplicationsFirehost Webinar: How a Secure High Performance Cloud Powers Applications
Firehost Webinar: How a Secure High Performance Cloud Powers Applications
 
Firehost Webinar: Validating your Cardholder Data Envirnment
Firehost Webinar: Validating your Cardholder Data EnvirnmentFirehost Webinar: Validating your Cardholder Data Envirnment
Firehost Webinar: Validating your Cardholder Data Envirnment
 
Firehost Webinar: Do you know where your Cardholder Data Environment is?
Firehost Webinar: Do you know where your Cardholder Data Environment is? Firehost Webinar: Do you know where your Cardholder Data Environment is?
Firehost Webinar: Do you know where your Cardholder Data Environment is?
 
Firehost Webinar: Getting Ready for PCI 3.0
Firehost Webinar: Getting Ready for PCI 3.0Firehost Webinar: Getting Ready for PCI 3.0
Firehost Webinar: Getting Ready for PCI 3.0
 
Firehost Webinar: Hipaa Compliance 101 Part 1
Firehost Webinar: Hipaa Compliance 101 Part 1Firehost Webinar: Hipaa Compliance 101 Part 1
Firehost Webinar: Hipaa Compliance 101 Part 1
 
FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...
FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...
FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...
 
FireHost Webinar: Protect Your Application With Intelligent Security
FireHost Webinar: Protect Your Application With Intelligent SecurityFireHost Webinar: Protect Your Application With Intelligent Security
FireHost Webinar: Protect Your Application With Intelligent Security
 
FireHost Webinar: 6 Must Have Tools For Disaster Prevention
FireHost Webinar: 6 Must Have Tools For Disaster PreventionFireHost Webinar: 6 Must Have Tools For Disaster Prevention
FireHost Webinar: 6 Must Have Tools For Disaster Prevention
 
Cloud Computing Best Practices
Cloud Computing Best PracticesCloud Computing Best Practices
Cloud Computing Best Practices
 
Secure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataSecure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your Data
 

Recently uploaded

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 

Recently uploaded (20)

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Cybersecurity - Whose responsibility is it?

  • 1. @ARMOR | ARMOR.COM | PAGE 1PAGE 1 Cybersecurity — Whose responsibility is it? IDENTIFYING ACCOUNTABILITY GAPS FOR TRUE COMPREHENSIVE CYBERSECURITY
  • 2. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 2 Everyone sells security tools A tool seems like the obvious solution to a security problem; tools can be easily bought and easily bolted on to existing security systems to defend against emerging threats. Yet the numbers of breaches that are splattered across the headlines every week provide evidence that tools are not the answer. Enterprise executives recognize that their expenditures on tools are not necessarily in proportion to the security of their assets. Despite the fact that the market is saturated with security tools, the vendors that sell them are not willing to bear the risk of guaranteeing outcomes. After an enterprise makes its purchase, the vendor’s participation ends and the buyer is left on its own to implement and manage the tool. No other industry places such a heavy burden on its customers. Is the problem faulty tools? It is not. The tools can only work as well as the security professionals who use them every day to monitor, identify and resolve network anomalies. But a shortage of cybersecurity talent makes it hard to find qualified security experts to run daily security operations. And staffing is not the only people problem that impacts network security; the way that most corporations structure their leadership does not support the culture of security that is fundamental to a strong proactive posture. No wonder executives are worried. “Tools can only work as well as the security professionals who use them every day to monitor, identify and resolve network anomalies.”
  • 3. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 3 Who is responsible for security? Who is responsible for security in the enterprise? Every company takes a different approach, but in many cases, accountability and authority do not reside in the same role. When this happens, it’s hard to tell who is responsible for securing digital assets. Security ownership is a game of Hot Potato Executive leaders are business experts. Their job is not to understand how security operations work, and so they may not know the best way to delegate authority for security activities. The obvious role to own responsibility for security is that of a technology executive, and that’s who is often in charge of securing the enterprise — at least nominally. However, not all technology executives understand security operations, and those who do may not have the influence needed to sponsor strong initiatives or command necessary resources. IT managers are often thrust into the role of security manager, but IT and security are different areas of expertise. An IT manager may not be able to get the training necessary to fully understand and manage security operations, and/or may not have the clout to make the organization-wide changes that are the heart of true security. Some enterprises rely on vendors to protect their enterprises. However, security is not a technical problem. Security is a strategy that has to be built into every aspect of the business. Real security cannot simply be purchased; it has to be developed, even when partnering with a trusted vendor. “Security is not a technical problem. Security is a strategy that has to be built into every aspect of the business.”
  • 4. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 4 CEOs & CFOs Chief executive officers and chief financial officers bear ultimate responsibility, but they must base highly technical decisions on advice from their security execs (if they have any), or from their CIO or IT executives. CEOs and CFOs rightly and properly have a mindset focused on their core business. Security is often considered an operational cost rather than a strategic investment. When this is the case, CEOs and CFOs often exclude security and IT professionals from the decision-making stage of business-critical software purchases; a recent survey showed that when choosing a cloud-based service,1 only 34 percent of business leaders involved IT in the decision-making process, and only 29 percent involved IT while deploying the service. As a result, it is unlikely that proper security audits were conducted prior to purchase. CSOs Chief security officers are responsible for all security in an organization, from customer data to door locks. They have the specialized knowledge needed to protect their organizations, but because CSOs do not usually report directly to the CEO, they may encounter difficulties in gaining the funding, purchasing authority and cross-enterprise support needed to implement an appropriate level of security A common perception in the C-Suite is that the CSO should be responsible for failures in security, but the C-Suite does not always give the CSO the authority to take action against such failures. CSOs are sometimes pigeon-holed as “techies” and, however incorrectly, are not perceived as having a deep knowledge of the business as a whole.3 This limits the ability of the CSO to be effective. CISOs Chief information security officers are responsible for aligning all information-related security initiatives with security programs and business objectives. However, the role of CISO is a new one, and it is constantly evolving. CISOs often report to and work closely with the CIO, which can hamper the CISO’s ability to remain independent during audits and IT decisions. CISOs are also at risk of having their decisions overridden by the supervising CIO.4 CIOs, CSOs & CISOs CIOs Chief information officers are responsible for all technology capabilities, but they may not be security experts. The people who fill this role tend to be risk-averse, a disposition that is at odds with the need to defend against a dynamic threat landscape; sometimes a choice must be made between a new approach and no approach at all. A CIO’s focus on technology can actually be a pitfall. Strong security has to be infused through an organization, from the security department to the business processes to the employee activities. Therefore, securing the enterprise requires more than a technical scope.2 1 Quick, 2013 2 Burgess, 2014 3 McKendrick, 2013 4 Sarkar, 2013
  • 5. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 5 IT director To non-technical business leaders, security may be perceived as an IT responsibility. However, security encompasses more than information systems; it’s an enterprise-wide mindset, beyond the scope of information systems alone. IT managers are not security specialists and don’t have the specialized skills needed to manage security across the enterprise; at the same time, IT managers may be uncomfortable sharing control of IT systems with the security department. Also, IT managers naturally focus on building systems, and sometimes only add the security later; that can result in a leaky system.5 Because of their position on the org chart, IT managers are unlikely to have the authority to get the funding or wield the influence to work across lines of business to adequately secure the enterprise. Line-of-business managers According to a survey by Ponemon, 25 percent of organizations surveyed identified line-of-business (LOB) managers as responsible for security.6 This is a clear disconnect; while the individuals in these roles contribute to the overall security (or lack of security) of their organizations, they are not equipped with the technical knowledge or the influence to drive security. LOB managers are typically eager to implement business software to improve their processes. They need to be conditioned to bring security on board early in the software selection process, in the same way that they work with the IT department. These individuals also play an important role in communicating the need for security and enforcing security policies within their own departments. LOB managers need to be kept aware of current enterprise security initiatives so they can align their departments’ activities with them. Security vendors In a survey by Ponemon commissioned by Armor, one-third of IT and security professionals named their cloud provider as the entity most responsible for protecting sensitive data in the cloud.7 Respondents clarified that they trusted their cloud providers to protect data assets more effectively than their own enterprises, with 57 percent agreeing on this point. However, no vendor can ensure enterprise-wide security because no vendor has authority inside a customer’s organization. That said, vendors can do more to ensure customer success. Security vendors need to be clear about the assignment of security responsibilities. They can help develop processes and identify areas in which they can offer additional support, beyond simply implementing tools. 5 McKendrick, 2013 6 Ponemon Institute, 2015 7 McKendrick, 2013
  • 6. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 6 Security breakdowns A look at an org chart can raise questions about where a breakdown in responsibility can occur. Currently, it is uncommon for enterprises to have a CSO who is at a level equal to that of a COO or CTO. Is this because the leadership does not see security as a strategic concern, or does leadership lack the information needed to make that connection? If security is not strategic, then it’s a cost center. And if security is a cost center, security managers are under pressure to prioritize cost savings over investing the appropriate budget in security. Focused on core business Responsible for technology, but not necessarily security Focused on internal systems, but not security specialists Focused on business processes Aligns security initiatives with programs and objectives Focused on leveraging technology to promote business Responsible for all security, both logical and physical IT DIRECTOR LINE-OF-BUSINESS MANAGERS CEO CFOCOO CIO CISO CSO CTO
  • 7. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 7 The empty chair problem Over 200,000 security jobs are unfilled at any given moment.8 The common assumption is that this is a simple supply and demand problem; train more cybersecurity professionals and the problem will go away. Yet training is available, and there are plenty of computer-minded students who are eager to enter a career that will guarantee them their pick of jobs. But no matter how many students graduate from academic programs in cybersecurity, the shortage is going to continue for the next few years. The exact mix of certifications and training needed in a specific security operations center (SOC) is not likely to be possessed by a recent graduate. Classroom training does not prepare an individual to perform well on the job; rather, true security expertise is learned in the SOC, working on real threats on live systems under the tutelage of experienced analysts. For every 20 open security positions at a given company, there is only one qualified candidate9 — with the key word being qualified. And the problem goes deeper than a lack of warm bodies; rather, it is tightly coupled with the nature of security operations in an enterprise environment. The typical security analyst is anything but typical. A broad range of roles and skills are needed in a SOC, and it can be hard to understand how a candidate will fit into the mosaic of the SOC team until he or she is on the job and working. Also, as new threats emerge, new skills are needed to counter them — so this morning’s new hire may not have the certifications and experience to proactively defend against this afternoon’s malicious activities. Training comes after experience Cybersecurity training programs teach policy but do not focus strongly enough on technical expertise, so graduates have been taught concepts but cannot fix vulnerabilities. The most desirable experience a security professional can possess is a high level of real-world aptitude and understanding in a demanding environment. A background that includes work with government agencies like the U.S. Department of Defense, National Security Agency, Central Intelligence Agency or military intelligence is particularly in demand. Professionals with this experience have learned how to protect the nation’s most sensitive data from the world’s most vicious threat actors. They also bring another benefit to the enterprise; security professionals form what are called trust circles (or, more colorfully, fight clubs). Trust circles are professional networks focused on sharing the latest tactics, techniques and procedures, as well as alerting members to threats looming on the horizon. High-level trust circles are by invitation only, and potential new members are vetted before being asked to join. Membership in an advanced trust circle is of tremendous value to an individual analyst and, in turn, of tremendous value to that analyst’s employer. An analyst with a strong network in the cybersecurity community is always aware of impending dangers and equipped to proactively deter them. 8 Carapezza, 2015 9 Lemos, n.d.
  • 8. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 8 All of these certifications take time to complete. For instance, depending on the amount of experience a candidate has, preparing for the CompTIA+ certification can take anywhere from two to 12 weeks. And all of these certifications must be refreshed periodically.Each certifying body has a different set of requirements,but the general parameters are that certifications must be retaken or proof of professional development demonstrated every 1-3 years. Imagine a SOC with a dozen high-salaried security analysts; how many will be offline each year? How many man-hours are going to be devoted to maintaining certifications? Because security professionals tend to learn their most useful skills on the job, entry-level employees may not be a good investment. Even entry-level certifications are based on the presumption of real-world experience; for instance, the CompTIA Security+ certification recommends candidates accrue two years of on-the-job (OTJ) experience and complete a network administration certification before taking the assessment. Another desirable entry-level certification, GIAC Security Essentials, offers training that starts at the 300 level — the equivalent of a third-year college course. The student must independently pick up the skills needed to certify at that level before preparing for the assessment. Most enterprises have immediate needs and do not want to invest two years in an uncertified employee before that employee can become qualified to do the job he’s being paid to do. But the alternative to an unprepared candidate might be no candidate, so companies that find individuals with these certifications should snap them up, even with the knowledge that the candidate will still need OTJ training, and also with the knowledge that a two-year investment does not guarantee the candidate will stay with the company long enough to ‘pay back’ the resources that were invested in his development. Beyond the basic certifications, the areas of expertise become highly fragmented. Every time a company needs to add a new skill to its team, it’s either going to have to remove a costly employee from daily work to prepare for a new certification, or it’s going to have to hire the skill into the team. Enterprises that are running specific platforms should look for vendor-specific certifications, such as the Cisco CCNA, EMC RSA or Symantec Certified Specialist. Certified Ethical Hacker (CEH) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Offensive Security Certified Professional (OSCP) Companies that need to add more advanced skills to their team will look for candidates with specific certifications.
  • 9. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 9 Churn is a security risk Investing in these necessary certifications is a gamble. High demand drives high turnover, and the best security professionals have their pick of employers. Enterprises that don’t provide an attractive environment for their security professionals will have a hard time hanging onto them. Churn in the security department is a different beast than churn in any other department — it poses a threat to the enterprise. The cost of continual recruitment and the burden of onboarding are the obvious drawbacks to managing a high-churn staff, but more important, and more dangerous, are the loss of historical knowledge, the fragmentation of the team as new members are constantly introduced, and the drain on morale that creates a vicious circle of churn driving more churn. Go to the experts Enterprises lacking the resources to hire and retain their own security teams do have other options — cloud and managed services. Managed secure cloud providers and elite cybersecurity vendors are able to attract and retain the most highly-skilled professionals available, including those with deep experience in sensitive environments such as government defense agencies. Talented and well-connected professionals can work anywhere they choose, and they tend to choose environments in which their skills are the core business; these are the places that can offer them the best career paths and compensation packages. By utilizing a managed secure cloud provider, an enterprise gains access to the top talent in the industry without the burden of attracting and retaining costly personnel. Processes and techniques are the basis for proactive stances Threat actors are not focused on penetrating a particular network device. The device is merely the path to their true target, which are the processes a business uses to handle: • Personally identifiable information (PII) • Product development • Customer data • Financial transactions • And other sensitive data Think of technology as a hammer. A hammer doesn’t build a house; a skilled worker uses a hammer to build a house. Likewise, security technology alone doesn’t protect the enterprise; it is just a tool used by experts, and a strategy can’t be based on a tool. It needs to be paired with the right talent and proven processes in order to be effective. A good strategy is holistic, infused throughout the enterprise. The problem with buying tools is that vendors who sell tools do not sell success. They are moving units, while a secure enterprise needs its vendors to partner with it, helping to safeguard processes, define roles and responsibilities, and communicate security messages to the workforce as a whole.
  • 10. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 10 The contextual intelligence will drive the next step: the threat remediation process. When techniques, tactics and procedures are identified, remediation can begin and future attacks can be prevented. Clearly, no tool alone — and no bank of tools — can protect against all threats. People commit bad acts, and people are the final defense against those bad actors. Security is a team effort. Get the support necessary to lock down entry points and respond if an intrusion occurs. A capable vendor will be able to provide guidance on how to dovetail business processes, accountability structures and technical solutions to create an effective security posture.10 To foster a culture of security, think beyond tools and look for a vendor that is willing to carry some of the burden. The security team needs visibility into business processes in order to strategize and implement appropriate security policies. If R&D is developing on a test server, that server needs to be known to security. If marketing is subscribing to a new SaaS product, security needs to conduct an application security audit. Policies should be developed in meetings between security and LOB managers to review how work is accomplished. This involves a series of steps, such as: • Inventory systems • Document workflow • Develop test cases • Identify vulnerabilities With this type of information, a solid security policy can be developed. The policy should preserve security without smothering productivity; overly strict policies tend to be ignored, so they’re a vulnerability in themselves. When an instance of unauthorized access has been identified, a process must be in place that defines next steps. Threat intelligence must be collected. The process should state how to capture data, which data is preserved, and how the data will be placed in context in order to be transformed into useful intelligence. What if data is ransomed? What if a DDOS attack is launched? What if a disgruntled insider sabotages critical systems? Processes should include what-if scenarios. ? ? ? 10 Jordan, 2014
  • 11. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 11 The healthy org In an organization with healthy security, the enterprise considers security to be a strategic part of the business. The enterprise has a clear line of accountability for security issues,11 ending with the CSO. The characteristics of an organization using its CSO fully are that the CSO: • Reports directly to the CEO • Is an influential executive • Has the authority to ensure security operations are adequately funded • Has ownership of the security framework, but the entire enterprise has accountability for managing security across lines of business and within business processes In companies that do not yet have a CSO, the CEO should take the lead in fostering security throughout the enterprise. The CEO is a more appropriate point person than the CIO because security is not a technology risk — it’s a business risk. All executive officers should support security initiatives throughout the enterprise. LOB managers should be willing to share their work processes and application inventory with the security department. The entire enterprise should be security-conscious. Protecting sensitive data is everyone’s responsibility, from the CEO to the temp at the front desk: a ‘culture of security’ must be overtly fostered in all corporate activities and communications. In support of a culture of security, cybersecurity training should be part of the onboarding process for all employees, and continuing cybersecurity awareness part of the corporate culture. “Theentireenterprise shouldbe security- conscious. Protecting sensitivedatais everyone’sresponsibility, fromtheCEOtothe tempatthefrontdesk.” 11 Ibid.
  • 12. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 12 The enterprise should have a centrally managed 24/7 security department. Not all companies can make a strong business case for an investment of this size; security operations are both costly and complicated to staff and run. For businesses unwilling or unable to dive this deeply into security, the best strategy is to outsource security operations to a security provider who is an expert in delivering more than tools to the enterprise; the provider should be a partner who continually works both for and within the enterprise to strengthen its security posture. In a healthy organization, specific security roles and responsibilities are defined. The individuals in these roles have the authority necessary to ensure the security of the enterprise. If on-premises, the security department must be staffed with the appropriate number of skilled and certified specialists. A formal plan should exist to ensure the security staff receives ongoing training and certification without affecting daily operations. Ideally, there should also be a plan to scale the number and skills-focus of the security staff to respond to a critical threat. Vendors should be selected based more on how they can support security processes than on the tools they offer. Vendors should be willing and able to engage in an ongoing relationship with the enterprise, taking on the role of security partner. “Forbusinesses unwillingorunable todivethisdeeply intosecurity,thebest strategyistooutsource securityoperationsto asecurityprovider whoisanexpertin deliveringmorethan toolstotheenterprise.”
  • 13. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 13 Blend talent and technique Although investment in full-time cybersecurity professionals has doubled, it’s still too little and too small a percentage of overall IT. However, no amount of money can fix a broken process or place responsibility where it can do the most good — those decisions belong to the enterprise leaders. True cybersecurity requires a top-down commitment. The structure of the security department needs to include outreach into all parts of the organization to establish practical and effective security policies. But enterprises should not feel compelled to figure everything out on their own. Most companies are not security experts, but they are experts on their own businesses; leverage that knowledge when working with a vendor, and partner together to align business processes with security operations. The right vendor will provide more than tools; it will provide expert help on processes and techniques, and will share risk and deliver outcomes. A culture of security does not appear out of thin air, and there is no template that applies to every business. Each enterprise has to make an organization-wide effort to identify the roles and responsibilities — and the policies and processes — that make the most sense for its business model and strategy, as well as its likely threats. The right vendor will provide more than tools; it will provide expert help on processes and techniques, and will share risk and deliver outcomes.
  • 14. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 14 Works Cited • Burgess, C., 2014. What Is the Role of Today’s CISOs? 7 Questions Business Leaders Are Asking. [Online] Available at: https://securityintelligence.com/what-is-the-role-of-todays-cisos-7-questions-business-leaders-are-asking/#.VcsF_flViko [Accessed 10 August 2015]. • Carapezza, K., 2015. With more than 200,000 unfilled jobs, colleges push cybersecurity. [Online] Available at: a. http://www.pbs.org/newshour/updates/college-struggle-keep-pace-need-cyber-soliders/ [Accessed 11 August 2015]. • Jordan, S., 2014. A Roadmap for CIOs & CSOs After the Year of the Mega Breach. [Online] Available at: http://www.darkreading.com/attacks-breaches/a-roadmap-for-cios-and-csos-after-the-year-of-the-mega-breach/a/d-id/1269679 [Accessed 10 August 2015]. • Lemos, R., n.d. Bridging the IT security skills gap. [Online] Available at: http://searchsecurity.techtarget.com/feature/Bridging-the-IT-security-skills-gap [Accessed 10 August 2015]. • McKendrick, J., 2013. Enterprises’ Security Practices Not Keeping Pace With Cloud Growth, Studies Find. [Online] Available at: http://www.forbes.com/sites/joemckendrick/2013/06/29/enterprises-security-practices-not-keeping-pace-with-cloud-growth-studies-find/ [Accessed 10 August 2015]. • Ponemon Institute, 2015. Cloud Security: Getting It Right, s.l.: Ponemon Institute. • Quick, R., 2013. Enterprise Cloud security: What are the risks and what you can do about them?. [Online] Available at: http://thenextweb.com/insider/2013/09/20/enterprise-cloud-security-what-are-the-risks-and-what-you-can-do-about-them/ [Accessed 10 August 2015]. • Sarkar, D., 2013. 5 Common Challenges Faced By Indian CISOs. [Online] Available at: http://www.cioandleader.com/articles/17995/5-common-challenges-faced-by-indian-cisos [Accessed 10 August 2015]. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT?
  • 15. FEATURED WHITE PAPER: CYBERSECURITY — WHOSE RESPONSIBILITY IS IT? @ARMOR | ARMOR.COM | PAGE 15 US 2360 Campbell Creek Boulevard, Suite 525, Richardson, Texas 75082 | Phone: +1 877 262 3473 UK 268 Bath Road, Slough, Berkshire SL1 4AX | Phone: +44 800 500 3167 © ARMOR 2016. All rights reserved. US 2360 Campbell Creek Boulevard, Suite 525, Richardson, Texas 75082 | Phone: +1 877 262 3473 UK 268 Bath Road, Slough, Berkshire SL1 4AX | Phone: +44 800 500 3167 © ARMOR 2016. All rights reserved.