At a time when Security is of paramount importance, it becomes essential for enterprises to proportionately allocate budget for different aspects of Enterprise Security.
“As businesses increase their digital footprint through the Internet of Things (IoT), cloud and other initiatives, their windows of vulnerability open further still.”
Liz Goldberg, Principal Product Marketing Manager – Security Intelligence Product Line, SAS
What are the technological trends that you think will be spearheading Cyber Security in 2019-20?
As businesses increase their digital footprint through the Internet of Things (IoT), cloud and other initiatives, their windows of vulnerability open further still. Not only do these new devices and services pose a new avenue through which a stealthy adversary can enter the enterprise network, but they also add to the data deluge Cyber Security teams already face. High volumes of false alerts issue in rapid-fire from the massive volumes of data generated by the inter-device communications. Within these communications, suspicious behavior can go undetected without a clear understanding of individual device and overall organizational risk posture.
“As your primary security offense and defense, your team should be imparted with individualized and team training plans. Plans must be established and re-evaluated every year at a minimum.”
Surjit Das, Principal Consultant – Cybersecurity, SAS India
What are the current technological challenges faced by the CISOs from a security point of view?
The biggest technology challenge CISOs face is the growing complexity of their security environments. In fact, the average enterprise uses 75 security products to secure their network. With analytics becoming mainstream in the market, more security products are adding analytic capabilities to become “smarter”. Rather than simplifying the complexity, this is having the opposite effect. Analytic capabilities are becoming decentralized and data increasingly siloed, further limiting the organization’s ability to extract security insights in a consistent and governed manner. As a result, CISOs lack a consistent and accurate picture of their security risks, which can lead to unnecessary costs and sub-optimal risk mitigation decisions.
What are the solutions that you offer to the CISOs to face those challenges?
SAS Cybersecurity provides a solid, unifying security analytics software foundation for enterprise security risk assessment, threat detection and alert management. SAS Cybersecurity allows organizations to understand their enterprise security postures, identify current weaknesses in their networks, see indicators of attack before compromise and effectively prioritize remediation efforts.
What kind of a budget do you suggest CISOs should allocate to meet their Cyber Security requirements?
For much of the last 15 years, cyberattackers have pursued secrets and money. Certain industries became favourite targets and experienced a disproportionate number of attacks, while others remained relatively unscathed. IT security should have senior executive support and be a centrally managed function. Next, the budget. At a minimum, 10 percent of the IT budget should be earmarked for the following cybersecurity fundamentals.
- Employee education: 1 percent – In the modern organization, the training to support your cybersecurity strategy should be separated from the general training budget. Otherwise, this type of employee education can get lost to other training priorities. All of the organization’s staff should undergo a mandatory training
- Security policy: 2.5 percent – A formal IT security policy is a must and should be tightly coupled with employee education. The policy need not be overly rigid, but it should provide guidance on acceptable use of the Internet and resources attached to it.
- Network awareness: 2 percent – Network awareness should be a critical component of your cybersecurity strategy. Here, it’s important to work with the team that provides your switching and routing fabric and gear to better understand your network awareness.
- Specialized training for the security team: 1 percent – As your primary security offense and defense, your team should be imparted with individualized and team training plans. Plans must be established and re-evaluated every year at a minimum.
How would you describe technical prevention measures in place for your customers?
An integrated real-time event monitoring & investigation infrastructure, which consisted of privileged identity management, single sign-on, security information and event management, web application filtering, DDoS protection, intrusion prevention, vulnerability assessment tooling and all these technologies underpinned by effective processes and procedures. The solution is at a minimum ISO27K and PCI DSS certified and annually audited by a certified body.