Sun Tzu famously said, “all warfare is based on deception.” He could hardly have anticipated how his words would ultimately be substantiated—particularly in the tactics of today’s cybercriminals.
In recent years, Enterprise Risk Management has become increasingly focused on cybersecurity risks. While this focus on cyber is understandable, the current COVID crisis has demonstrated that the unpredictable nature of cascading risks requires viewing risk through a much wider risk aperture. One way forward to successfully navigate this new risk frontier is the establishment of a Risk Operations Center (ROC). The ROC enables enterprise and technology leaders to have the continuous monitoring they require to proactively mitigate all cyber issues. Additionally, it fully supports the CISO/cybersecurity leader's principal responsibilities identified by the HBR survey.
COVID-19 has completely changed our world from six months ago, as we continue to battle the grave health implications, face extended stay at home orders, and grapple with the insurmountable ramifications on our economy. The pandemic has also forever changed the cyber threat landscape, with our workforce becoming more dispersed, and potentially more vulnerable, than ever as organizations switch out of the confines of their offices and move entire data streams to their laptops and home offices. On top of this, Salesforce has announced it is ending its Data Recovery service on July 31st, which is putting all of the data protection responsibilities, and the dire consequences that comes along with it, on the backs of the customer.
To address this current losing war with cyberattackers, the future of cybersecurity requires augmenting the current focus of “indicators of compromise” with “indicators of exposure & warning” in real-time. Where the measure would be to gauge the shift of incident management that would tilt on managing more incidents at warning stages than on compromise stages. It is imperative to build an AI engine to perform this very task as that would be the only way to perform in real-time, scale with the growing nature of cloud as well as to cover the evolving nature to attack scenarios.
The Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of two leading cybersecurity experts to support the agency’s COVID-19 response efforts. Josh Corman is joining CISA as a Visiting Researcher, and Rob Arnold will join CISA’s National Risk Management Center as a Senior Cybersecurity and Risk Management Advisor.
Fourth annual global study from ESG and ISSA finds 45 percent state cybersecurity skills shortage has only gotten worse over the past few years. Why has nothing changed?
July 30, 2020
The cybersecurity skills crisis continues to worsen for the fourth year in a row and has impacted nearly three quarters (70 percent) of organizations, as revealed in the fourth annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG).
The Cybersecurity and Infrastructure Security Agency (CISA) announced the opening of individual and team registration for the second annual President’s Cup Cybersecurity Competition, which is open to any Federal Executive branch employee, including the Department of Defense and uniformed service members, with a knack for cybersecurity.