Tips for CISOs while planning to safeguard digital assets

Digitization initiatives have continued to be successful in the Middle East, and with rapid adoption of digital technologies, comes added and growing exposure to risks of cyber-attacks. These attacks are now sophisticated and have the potential to derail the progress and benefits of digitization.

CISOs of organizations across the region play a significant role in mitigating and navigating these risks to ensure that the right strategic approaches are implemented to safeguard digital assets.

Cisco’s CISO Advisories experts are sharing key topics to keep in mind when CISOs prepare to reduce threats this year:

1. Getting the basics right

Being a CISO has never been more complex. There are more sophisticated attacks, scarcity of resources, the challenges of communicating effectively with the board, and more demanding, regulatory drivers being implemented rapidly within the region.

With so much to consider, it is vital that CISOs have a clear understanding of the core elements of what they protect. Questions like ‘where is the data?’, ‘who is accessing it?’, ‘what applications is the organization using?’, ‘where and what is in the cloud?’ will continue to be asked, with an overarching need to make management of the security function more flexible and simpler for the user. This visibility will also inevitably help ease quicker decision making and less of an operational overhead when it comes to regulatory compliance.

2. Increasing demands from insurers

Cyber insurance or coverage plays an increasingly vital role in risk management strategy in the Middle East. Even though the newest and most rapidly evolving topic, cyber insurance provides financial protection that enables innovation and risk taking in digitization. The topic will continue to be in focus this year, with insurers demanding greater attribution – aka the science of identifying the perpetrator of a cybercrime by comparing the evidence gathered from an attack with evidence gathered from earlier attacks that have been attributed to known perpetrators to find similarities. Greater preparation and crystal-clear clarity of the extent to which attribution has taken place when negotiating contracts will be an essential element for CISOs going forward.

3. How Zero Trust will progress

Zero Trust implementations, while being the most secure approach a firm can take, are long journeys that take multiple years for major enterprises to carry out, so it is vital that they start as they mean to go on.

However, that can be easier said than done in many cases, as the principles within Zero trust fundamentally turn traditional security methods on their head, from protecting from the outside in (guarding your company’s parameter from external threats) to protecting from in the inside out (guarding individual assets from all threats, both internal and external). This is particularly challenging for large enterprises with a multitude of different silos, stakeholders and business divisions to consider.

The key to success on a zero-trust journey is to set up the right governance mode with the relevant stakeholders and communicate all changes.

4. Ransomware and how to deal with it

As with last year, ransomware continues to be the main tactical issue and concern facing CISOs. More specifically, the uncertainty around when and how an attack could be launched against the organization is a constant threat.

CISOs will continue to keep a focus on the core basics to prevent or limit the impact of an attack, and again have a closer look at how any ransomware payment may or may not be paid and who will authorize payment.

5. From Security Awareness to Culture Change

Traditionally CISOs have talked about the importance of improving security awareness which has resulted in the growth of those test phishing emails. There is increased discussion now about the limited impact of this approach.

For the most effective security awareness, culture is key. This means that everyone should see themselves as part of the security team, like the approach that has been taken when approaching the issue of safety in many high-risk industries. CISOs this year will now be keen to bring about a change to a security culture by making security inclusive, looking to create security champions within the organization, and finding new methods to communicate the security message.

6. Resignations, recruitment and retention

With Hybrid work becoming the norm rather than an exception, not having flexible infrastructure can deter the best talent from joining or staying within an organization. Overly restrictive security practices, burdensome security with too many friction points, and limitations around what resources and tools can be used can all contribute to this factor.

CISOs don’t need that extra worry of being the reason behind that kind of ‘brain drain’. So, security will need to focus on supporting the introduction of flexibility and the ease of user experience, such as passwordless or risk-based authentication.

7. Don’t sleep on the impact of MFA Fatigue

Just when we thought it was safe to go back into the organization with MFA protecting us, along came methods of attack that rely on push-based authentication vulnerabilities including:

• The barrage of push notifications – Multiple successive push notifications to bother a user into accepting a push for a fraudulent login attempt;
• Push Fatigue – Constant MFA means users pay less attention to the details of their login, causing a user to accept a push login without thinking.

In the forthcoming year CISOs will look to update their solutions and introduce new ways to authenticate, along with increased communications to users on the topic.

Comments

Comments