Story image

CISOs face cyber security 'solution overload' challenges

29 Jun 2016

The Institute for Critical Infrastructure Technology's latest report, CISO Solution Fatigue - Overcoming the Challenges of Cybersecurity Solution Overload, suggests that solution overload is plaguing organisations who are finding it difficult to identify and manage not only the cyber threats, but the strategies and solutions needed to make their roles more effective.

The report highlights the importance of the chief information security officer (CISO), citing that 54% of organisations have created the role, but they must manoeuvre through difficult tasks such as balancing risk and operations, making security decisions based on organisational assets.

CISOs must also be quickly adaptable to change in an era where threats evolve quicker than the security systems built to stop them. As a result, CISOs must face pressure from their employers and from 'cyber-adversaries' through too much information, too many solutions and too many communication problems.

The report suggests that the solution overload issues can be solved by first ignoring the hype about a particular solution and concentrate on solutions rather than the companies or products, as CISOs must "separate fact from fiction and make responsible decisions".

Organisational needs are also a complex minefield of issues, particularly in emerging technologies and BYOD trends. The report says that CISOs must be aware of both internal and external threats, and act accordingly, which may mean using vendor solutions for BYOD, cloud computing and IoT management. CISOs should trust reputable vendors, knowing that they can't control or monitor every threat themselves. Endpoint solutions should be considered to help CISOs manage the workload.

"The CISO should base their choice of a cloud security solution on the capabilities of the entire security platform and its interactions with other services instead of on the efficiency of a single security feature. Long-term decisions can be made by researching how quickly new features are sent to market and how much those features disrupt the market," the report says.

Communication across the organisation is another issue addressed in the report, as it is arguably the most important and exhausting CISO responsibilities, as they must justify their ideas and solutions to committees for budgetary decisions. If the CISO controls the budget, they are the sole responsibility champions of a particular solution.

In conjunction with stakeholders and boards, often risk solutions must be made using technological gaps and risk tolerances. The report suggests metrics as a way to manage decision-making processes.

Return on investment somewhat comprises the monetary values associated with cyber attacks, ransomware and phishing emails. The report suggests that CISOs can calculate ROI based on the costs of breaches, fines, notification costs and other related expenses. The likelihood of future attacks should be included to calculate a risk value, keeping in mind that threat landscapes change rapidly and often aggressively.

The report concludes by stating that CISOs are critical in cyber security defenses. Their expertise can reduce breach success rates by more than 50%. As such, the perils and challenges that come with the role can be overwhelming in the face of information overload and solution overload. Ultimately, the report states that a competent and capable CISO is able to identify the best solution for their organisation.

Read the report here.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.