Story image

CISOs face cyber security 'solution overload' challenges

29 Jun 16

The Institute for Critical Infrastructure Technology's latest report, CISO Solution Fatigue - Overcoming the Challenges of Cybersecurity Solution Overload, suggests that solution overload is plaguing organisations who are finding it difficult to identify and manage not only the cyber threats, but the strategies and solutions needed to make their roles more effective.

The report highlights the importance of the chief information security officer (CISO), citing that 54% of organisations have created the role, but they must manoeuvre through difficult tasks such as balancing risk and operations, making security decisions based on organisational assets.

CISOs must also be quickly adaptable to change in an era where threats evolve quicker than the security systems built to stop them. As a result, CISOs must face pressure from their employers and from 'cyber-adversaries' through too much information, too many solutions and too many communication problems.

The report suggests that the solution overload issues can be solved by first ignoring the hype about a particular solution and concentrate on solutions rather than the companies or products, as CISOs must "separate fact from fiction and make responsible decisions".

Organisational needs are also a complex minefield of issues, particularly in emerging technologies and BYOD trends. The report says that CISOs must be aware of both internal and external threats, and act accordingly, which may mean using vendor solutions for BYOD, cloud computing and IoT management. CISOs should trust reputable vendors, knowing that they can't control or monitor every threat themselves. Endpoint solutions should be considered to help CISOs manage the workload.

"The CISO should base their choice of a cloud security solution on the capabilities of the entire security platform and its interactions with other services instead of on the efficiency of a single security feature. Long-term decisions can be made by researching how quickly new features are sent to market and how much those features disrupt the market," the report says.

Communication across the organisation is another issue addressed in the report, as it is arguably the most important and exhausting CISO responsibilities, as they must justify their ideas and solutions to committees for budgetary decisions. If the CISO controls the budget, they are the sole responsibility champions of a particular solution.

In conjunction with stakeholders and boards, often risk solutions must be made using technological gaps and risk tolerances. The report suggests metrics as a way to manage decision-making processes.

Return on investment somewhat comprises the monetary values associated with cyber attacks, ransomware and phishing emails. The report suggests that CISOs can calculate ROI based on the costs of breaches, fines, notification costs and other related expenses. The likelihood of future attacks should be included to calculate a risk value, keeping in mind that threat landscapes change rapidly and often aggressively.

The report concludes by stating that CISOs are critical in cyber security defenses. Their expertise can reduce breach success rates by more than 50%. As such, the perils and challenges that come with the role can be overwhelming in the face of information overload and solution overload. Ultimately, the report states that a competent and capable CISO is able to identify the best solution for their organisation.

Read the report here.

SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”