Last of three parts
LEVERAGE automation. Another way CISOs can help increase the productivity of their limited security teams is by giving them back time to focus on strategy. One way to do this is to deploy security solutions that make extensive use of automation through AI and machine learning. Cyberattacks are happening at machine speed – meaning that your security team cannot keep up with threat correlation, or even basic remediation efforts, on their own. Automated solutions can work to respond to anomalous activity and known threats attempting to breach the network – allowing security teams time to focus on strategy and remediation efforts. For example, rather than having security teams working around the clock to detect potential internal threats, they can use machine learning to understand what normal behavior for employees looks like, and then react when behavior deviates. They can also be assigned menial tasks such as inventory management and patching, freeing up human resources to focus on higher-order activities.
Develop a cyber-aware culture. The top answer given by CISOs when asked about security priorities over the next five years, was to “create a culture of security.” This involves training employees across lines of business in good cyber-hygiene. Beyond making sure that employees can identify phishing attacks or know how to update their applications on a regular basis, CISOs should also foster collaboration between departments and the security team. This will reduce instances of inadvertent internal threats, and increase overall buy-in for the security program. Ensuring that lines of business are aware of security strategy, and are happy to work with IT teams to ensure security policies, ensures buy-in across the organization.
By focusing on training and enabling employees to perform basic security tasks such as updating devices, identifying suspicious behaviors, and practicing safe cyber behavior across teams, CISOs can begin to establish a holistic security strategy that can stand up to today’s advanced threats.
Final thoughts. CISOs are in a challenging position of having to secure increasingly distributed networks from advanced threats with limited resources. By focusing on employee development, enablement, and buy-in, CISOs can create a centralized security strategy that builds collaboration and reallocates security teams away from tactical, reactive work to more proactive and strategic efforts. By Rob Rashotte, vice president for Global Training & Technical Field Enablement at Fortinet