SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
CISOs face cyber security 'solution overload' challenges
Wed, 29th Jun 2016

The Institute for Critical Infrastructure Technology's latest report, CISO Solution Fatigue - Overcoming the Challenges of Cybersecurity Solution Overload, suggests that solution overload is plaguing organisations that are finding it difficult to identify and manage not only the cyber threats, but also the strategies and solutions needed to make their roles more effective.

The report highlights the importance of the chief information security officer (CISO), noting that 54% of organisations have created the role. CISOs must nonetheless manoeuvre through difficult tasks such as balancing risk and operations and making security decisions based on organisational assets.

CISOs must also adapt quickly to change in an era where threats evolve more quickly than the security systems built to stop them. As a result, CISOs face pressure from their employers and from 'cyber-adversaries' through too much information, too many solutions and too many communication problems.

The report suggests that solution overload can be addressed by first ignoring the hype about a particular solution and concentrating on solutions rather than the companies or products, as CISOs must "separate fact from fiction and make responsible decisions".

Organisational needs are also a complex minefield of issues, particularly in emerging technologies and BYOD trends. The report says that CISOs must be aware of both internal and external threats, and act accordingly, which may mean using vendor solutions for BYOD, cloud computing and IoT management. CISOs should trust reputable vendors, knowing that they can't control or monitor every threat themselves. Endpoint solutions should be considered to help CISOs manage the workload.

"The CISO should base their choice of a cloud security solution on the capabilities of the entire security platform and its interactions with other services instead of on the efficiency of a single security feature. Long-term decisions can be made by researching how quickly new features are sent to market and how much those features disrupt the market," the report says.

Communication across the organisation is another issue addressed in the report. It is arguably the most important and exhausting CISO responsibility, as CISOs must justify their ideas and solutions to committees for budgetary decisions. If the CISO controls the budget, they bear sole responsibility as the champion of a particular solution.

In conjunction with stakeholders and boards, risk solutions must often be decided on the basis of technological gaps and risk tolerances. The report suggests metrics as a way to manage decision-making processes.

Return on investment is partly made up of the monetary values associated with cyber attacks, ransomware and phishing emails. The report suggests that CISOs can calculate ROI based on the costs of breaches, fines, notification costs and other related expenses. The likelihood of future attacks should be included to calculate a risk value, keeping in mind that threat landscapes change rapidly and often aggressively.

The report concludes by stating that CISOs are critical in cyber security defenses. Their expertise can reduce breach success rates by more than 50%. As such, the perils and challenges that come with the role can be overwhelming in the face of information overload and solution overload. Ultimately, the report states that a competent and capable CISO is able to identify the best solution for their organisation.
