Part two of three
DEPARTMENTAL Buy-In. But that is only part of the challenge. Cybersecurity cannot be the sole responsibility of the IT team. Even if they had adequate resources, IT and security teams still cannot effectively move beyond a tactical approach without buy-in and participation from the executive suite or from the various lines of business.
One of the biggest challenges that occur inside the network perimeter is insider threats.
When looking at priorities that CISOs list among various security initiatives, the prevention, detection, and response to insider threats were consistently listed among their top-tier priorities.
Managing insider threats and risks, especially unintentional events – like clicking on a phishing link, using weak passwords, or exposing the network to an unsecured device – eat up a lot of the time and resources of the security team, whose time could be better spent managing threats from external sources. To address this, employees across departments must take a more active role in cybersecurity by learning to avoid common attack tactics and assisting security teams in developing an approach to cybersecurity that will be effective without limiting productivity.
Putting employees at the center of the cybersecurity strategy. By putting employee development at the center of their cybersecurity strategy, CISOs enable their teams to work more efficiently while taking a holistic, strategic approach to network protection.
There are a few key ways this can be done:
Employee Training. As the skills gap persists, CISOs should ensure their security team has regular opportunities for further education in deploying, configuring, and managing advanced security tools, as well as identifying and addressing new emerging threats.
This is especially crucial to enable them to switch from a focus on prevention to a focus on threat detection and remediation. Proficiency in these types of integrated tools provides IT teams with enhanced visibility into how data is used and moved through the network, in addition to simplified management and analytics abilities. This is crucial as networks become more distributed and detection and remediation become increasingly important.
Additionally, the skills gap means organizations are less likely to hire new people with extensive field experience, which means they will have to focus on developing the skillsets of their existing team. To make this easier, Fortinet customers have access to our in-depth, hands-on training on our product suite as well as fundamental security principles through the Fortinet Network Security Expert (NSE) program. The NSE program offers eight course levels, beginning with understanding the threat landscape and the evolution of cybersecurity, through to the ability to configure, install, and troubleshoot a comprehensive security solution. Investing in security training like this enables CISOs to ensure that a strong internal candidate is ready when a position becomes available, as well as assisting in employee retention for essential security staff. (By Rob Rashotte, vice president for Global Training & Technical Field Enablement at Fortinet. Last part next week)