“Mirror, mirror on the wall, whose job is it to make our organization the most secure of all?” Were movie makers to have updated the inquiry made by the evil queen in Snow White, directing that question at your organization, would we see fingers pointing all over the place?  

Some might point toward security and IT staff — isn’t that their job after all? Other fingers might instead point at the executive suite, or outwardly to various end users across the organization — and we could continue across the organizational chart — but should we?

Instead, as recent events clearly validate, we should look in the mirror. That is one of the reasons I like this year’s theme for Cybersecurity Awareness Month (CSAM), “See Yourself in Cyber.” A little introspection can go a long way in maximizing our collective cyber defenses.  


What Should We See in Our Personal Cybersecurity Mirror?

What should our personal images reflect, in terms of cybersecurity awareness and duty? Hopefully, we see an image of security in motion comprised of our collective stewardships, based on established and mutually understood roles and responsibilities.  

With regard to that understanding, let’s consider four basic cybersecurity actions the Cybersecurity and Infrastructure Security Agency (CISA) says every organization should take. Each one is a key component of this year’s Cybersecurity Awareness Month (CSAM) focus:

  • Enable multi-factor authentication.
  • Use strong passwords and a password manager.
  • Regularly patch and update software.
  • Recognize and report phishing.

Are our teams capable of carrying out these foundational security measures? Are our people trained and enabled to play their part in these activities? If the answer to either question is no, the person in the mirror may have some work to do.


Qualities of the Cybersecurity Leader

If you are a cybersecurity leader, what are some qualities you might want to see in yourself, reflected in the role you play? In the wake of my career in federal law enforcement, I’ve had the privilege of being a chief information security officer (CISO) at several enterprise organizations, including my current role at BlackBerry.  

Like most of us in cyber leadership, in those roles, I’ve experienced the challenges of funding, hiring and retaining security talent, as well as the increased pressure to meet the expectations of the board and top leadership. Grappling with those challenges contributes significantly to the pressure we place on ourselves, knowing that we are ultimately responsible for holding the line against formidable cybercriminals and the chaos they can inflict.  

The list of challenges we must overcome is actually even longer. In that protracted battle, here are a few more specific ways security leaders can enhance the image they see as they advance cybersecurity in their organization:

  • Evangelize cybersecurity across the organization, reduce friction while enabling the business (human-to-human collaboration).
  • Build trust across the public-private divide, especially with law enforcement agencies (organization-to-organization collaboration, driven by humans).
  • Use artificial intelligence (AI)-enabled tools (human collaboration with a silicon-based life form).


Collectively, we are making good progress on the first two points, and in many organizations, these partnerships are growing and flourishing. However, we must also develop trust around this third point.

As I stressed in a recent podcast interview, I see “AI as cybersecurity’s Great Equalizer.” The threat landscape is ever-evolving, ever-changing, and the workforce is shifting.  Additionally, risk doesn’t come packaged and fixed in its form, which means your corporate risk appetite is also a moving target. Cybersecurity built on a bedrock of proven artificial intelligence enables adaptation in sync with all these shifting parameters. 

 

Incorporating AI Into How We See Cyber

One example of the power of AI involves what I like to call the David and Goliath conundrum, where network defenders appear like David trying to hold back a giant opponent. Goliath, in this version, is the growing multitude of cybercriminals and the wide variety of threats they wield.

This giant universe of adversaries leverages an ability to morph or alter a virus signature just seconds before they decide to attack you. We particularly see this occurring in the Ransomware as a Service (RaaS) world.  

The only way for network defenders to stop this cyber-Goliath is by invoking the strength of an AI math model. We saw the results in a recent SE Labs evaluation, which took an AI math model trained in 2015, and pitted it against modern cyber threats occurring in 2022. The evaluation found that AI toppled nearly all of these threats, even though many of them did not exist in 2015; the predictive power of AI is that powerful.

And the self-learning algorithms only continue to increase in their capabilities and prowess against our dangerous foes! The efficacy of our current math models are unmatched — even by giants.


Seeing Our Collective Cyber Defense in the Mirror

If you’ve read any of my recent columns, you know I’ve championed “locking shields” — just as the ancient Romans did before battle — as a means to increase and strengthen our collective defenses. And when we all see ourselves clearly and play our role in cybersecurity responsibly, this collaboration becomes a powerful force multiplier, knitting together the people, processes and technologies of our cybersecurity ecosystem to form a formidable protective barrier.

If you or your organization do not have the resources to raise your own shield, you are not alone. A managed security services provider (MSSP) that incorporates AI-based defense tools and 24/7 coverage can help boost cyber defenses.

When it comes to mirrors, I find it’s always easier to look one’s self in the eye when you are authentically shouldering your responsibilities and looking out for others.


For more Cyber Tactics columns, click here.