This article is by Featured Blogger Mark Van Rijmenam, Founder, DataFloq originally published on VanRijmenam.nl. Republished with the author’s permission.
In a world where dataism has become the new normal for organizations, security has become a high priority. Or at least, it should be. Unfortunately, the reality is different: every year, many consumers become victims of one of the hundreds of data breaches that are reported. Any organization can be breached, and without sufficient security measures in place, a breach can become very expensive.
The breach of Equifax, the consumer credit reporting agency, which exposed the personal data of some 143 million Americans between mid-May and July 2017, is among the largest breaches to date and one with the greatest impact on consumers. Thus far, the Equifax breach has been estimated to have cost the company about US$4 billion. The company’s CEO resigned over the hack, as did its Chief Information Officer and its Chief Security Officer.
Information Security Challenges for Organizations
Unfortunately, protecting an organization from would-be attackers is difficult, and organizations face many challenges in ensuring information security. Many lack adequate staff in security operations and incident response. Detecting digital threats is hard, and for most organizations it is not a core competency.
As a result, they lack the data engineers and analysts needed for proper incident monitoring and detection. Without intelligent analytics, they are flooded with false positives, and the real signals are lost in the noise. In many organizations, monitoring still depends on too many manual processes and on tools that are not integrated, so nobody has a complete overall picture.
Companies that do not implement proper security measures, or at least ensure their data is encrypted so that it is useless to an attacker in case of a breach (which also means keeping the keys out of the attacker’s reach), can be held liable, especially under the GDPR. It is therefore vital for organizations to develop the right policies and processes to ensure data security, and the Chief Information Security Officer (CISO) should be responsible for them.
The Chief Information Security Officer
The Chief Information Security Officer is responsible for managing enterprise risks related to information, deploying security analytics within the organization to do so, and ensuring compliance with regulations related to data security. The CISO should create an environment capable of dealing with large quantities of data: not only the data created within the organization, but also the data involved in security analytics.
Security analytics generally involve terabytes or petabytes of data: log information from monitoring your network, database information, identity information and all kinds of other system data that needs to be analyzed in near real time to know what is going on. The role of the CISO is an important one, but what are the five main characteristics to look for when hiring your next Chief Information Security Officer?
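The false-positive problem and the log volumes described above come down to the same thing: raw events have to be aggregated before they become alerts. As an added example that is not part of the original article, the Python below reads constructed sshd-style log lines (the hosts, addresses, timestamps and the assumed year 2017 are invented for the example) and raises one alert per source address that reaches a threshold of failed logins inside a time window, instead of one alert per failed line; an allowlist drops sources that are known to be noisy, such as an internal scanner.

```python
# Added example (not from the original article): aggregate failed-login
# events per source before alerting, so a burst of failures produces one
# alert rather than one alert per log line. All log data is constructed.
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd-style syslog lines; the year is not in syslog timestamps,
# so parse() takes it as an assumed parameter.
SAMPLE_LOG = """\
Sep  7 10:00:01 web01 sshd[2231]: Failed password for invalid user admin from 198.51.100.23 port 51022 ssh2
Sep  7 10:00:03 web01 sshd[2233]: Failed password for root from 198.51.100.23 port 51024 ssh2
Sep  7 10:00:04 web01 sshd[2235]: Failed password for root from 198.51.100.23 port 51026 ssh2
Sep  7 10:00:06 web01 sshd[2237]: Failed password for invalid user test from 198.51.100.23 port 51030 ssh2
Sep  7 10:00:09 web01 sshd[2240]: Failed password for root from 198.51.100.23 port 51033 ssh2
Sep  7 10:00:15 web01 sshd[2244]: Failed password for alice from 192.0.2.10 port 40122 ssh2
Sep  7 10:00:20 web01 sshd[2246]: Accepted password for alice from 192.0.2.10 port 40124 ssh2
Sep  7 10:03:30 web01 sshd[2260]: Failed password for bob from 203.0.113.5 port 33004 ssh2
Sep  7 10:09:50 web01 sshd[2290]: Failed password for bob from 203.0.113.5 port 33010 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+ ssh2$"
)


def parse(line, year=2017):
    """Parse one sshd auth line into a dict, or return None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m["host"], "result": m["result"],
            "user": m["user"], "src": m["src"]}


def naive_alerts(log):
    """One alert per failed login: what an un-aggregated rule produces."""
    return [e for e in map(parse, log.splitlines()) if e and e["result"] == "Failed"]


def brute_force_alerts(log, threshold=5, window=timedelta(minutes=1), allowlist=frozenset()):
    """One alert per source that reaches `threshold` failures inside `window`.
    Sources on the allowlist (e.g. an internal vulnerability scanner) are skipped."""
    events = [e for e in map(parse, log.splitlines()) if e]
    failures = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["result"] == "Failed" and e["src"] not in allowlist:
            failures[e["src"]].append(e["ts"])
    alerts = []
    for src, times in failures.items():
        start = 0  # sliding window over this source's sorted failure timestamps
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append({"src": src, "count": end - start + 1,
                               "first": times[start], "last": times[end]})
                break  # one alert per source; a real system would also rate-limit repeats
    return alerts


if __name__ == "__main__":
    print(len(naive_alerts(SAMPLE_LOG)), "per-line alerts")
    for a in brute_force_alerts(SAMPLE_LOG):
        print(f"{a['src']}: {a['count']} failures between "
              f"{a['first']:%H:%M:%S} and {a['last']:%H:%M:%S}")
```

On the sample, the per-line rule fires eight times while the aggregated rule fires once, for the one address that actually looks like a brute-force attempt; the single failures from the two legitimate users never reach an analyst. The threshold and window are tuning knobs, and the allowlist is where known-noisy sources go instead of being silently dropped from the logs.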
1. Understand the Technical Environment
The CISO has to develop the security backbone of an organization, often starting from scratch. The CISO should be actively involved in managing operational risk, identifying protection goals and metrics that are aligned with the strategic plan, and prioritizing security initiatives within the organization. Of course, the CISO should also be responsible for implementing security analytics and overseeing incident monitoring and response planning. To be able to do so, the CISO needs a thorough understanding of IT and of information security tools.
2. Be a Change Manager
Information security requires a culture change within the organization. Making all employees aware of the importance of information security, putting the right security policies and processes in place and making sure that the implemented security analytics are actually used all require changing how people work. This is difficult, as people have a natural inertia to change. Therefore, the Chief Information Security Officer should be a strong change manager, capable of changing people’s behavior within the company.
3. Be a Strategist and Communicator
As a CISO, it is your responsibility to deploy strong encryption and make your systems as hard to break into as possible, while still aligning security with the business objectives. Data that is locked away and cannot move does not help the business, which needs information to flow and be reachable in real time. It is, therefore, the objective of the CISO to find a balance between security needs and business needs and to convey this message to the stakeholders. After all, if end-users do not understand why certain security measures are in place, they are likely to ignore or work around them.
4. Be a Good Recruiter and Manager
Developing an advanced information security environment, including analytics for monitoring and detecting data breaches, requires highly skilled personnel. Such specialists are often hard to find and hard to keep. A great CISO hires staff who are analytical, great thinkers and result-focused, and who like to solve complex puzzles. It is the task of the CISO to create an inspiring and challenging work environment for IT security staff.
5. Be Capable of Complex Risk Assessments
Developing and implementing information security systems takes time, money and energy. A great CISO can assess and prioritize which assets need to be protected first, and how, depending on the risks involved. To do so, the Chief Information Security Officer should have a clear understanding of the objectives of the different departments, their data requirements and the corresponding risk factors. Based on an analysis of these often conflicting interests, the CISO should be able to develop an actionable security strategy that minimizes the risks the organization faces.
The introduction of a Chief Information Security Officer is just the beginning. The world of digital security is changing rapidly, and organizations should evolve as well. Cybercriminals are constantly changing their tactics and finding new ways to attack companies, so a company that refuses to stay up to date is almost asking to be breached. This new reality requires a new approach to security.
Protecting your company should focus on prevention, detection and response. On the one hand, make it as difficult as possible for criminals to break into your systems: encrypt your documents, store passwords only as salted, deliberately slow hashes (Argon2, scrypt, bcrypt or PBKDF2) rather than encrypting them, since anything encrypted can be decrypted by whoever obtains the key, and use firewalls to keep outside intruders away from your systems. On the other hand, focus on monitoring and detection to know what is going on within your network and company. Finally, integrate your tools so that you can respond immediately when an intruder is discovered. To implement all these information security measures, the role of the Chief Information Security Officer is a necessity.
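The point about passwords deserves a concrete illustration. As an added example that is not from the original article, the Python below puts the common mistake, a fast unsalted hash of the password, beside the hardened form: salted PBKDF2-HMAC-SHA256 from the standard library, with a self-describing record and a constant-time comparison on verification. The user names and passwords are constructed, and the 600,000 iteration count is an assumed work factor taken from current OWASP guidance for this algorithm.

```python
# Added example (not from the original article): how passwords should and
# should not be stored. User names, passwords and the work factor are
# constructed/assumed values for the example.
import hashlib
import hmac
import os


# --- weak: fast, unsalted hash (what "encrypt your passwords" often becomes)
def weak_store(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


def crack_weak(table: dict, wordlist) -> dict:
    """Offline attack on a breached weak table. One digest per candidate word
    recovers every user who chose it, because without a salt identical
    passwords produce identical digests."""
    lookup = {weak_store(w): w for w in wordlist}
    return {user: lookup[h] for user, h in table.items() if h in lookup}


# --- hardened: salted, deliberately slow PBKDF2-HMAC-SHA256 (stdlib)
ITERATIONS = 600_000  # assumed work factor; OWASP's 2023 figure for PBKDF2-HMAC-SHA256


def strong_store(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record (algorithm$iterations$salt$digest) so the
    work factor can be raised later without breaking records already stored."""
    salt = os.urandom(16)  # per-password random salt defeats precomputed tables
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and work factor and compare."""
    try:
        algo, iterations, salt_hex, dk_hex = stored.split("$")
        salt, expected, rounds = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex), int(iterations)
    except ValueError:
        return False  # malformed record
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    # constant-time comparison: timing must not reveal how many bytes matched
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # constructed users; two of them picked the same password
    users = [("alice", "Summer2017!"), ("bob", "Summer2017!"), ("carol", "9x!Qr#v2Lm$e")]
    weak_table = {u: weak_store(p) for u, p in users}
    print("cracked from weak table:", crack_weak(weak_table, ["password", "Summer2017!", "letmein"]))
    rec = strong_store("Summer2017!")
    print("stored record:", rec)
    print("verify correct:", verify("Summer2017!", rec), "verify wrong:", verify("summer2017!", rec))
```

Run stand-alone, the weak table gives up both users who chose "Summer2017!" from a three-word list, while two records for the same password under `strong_store` differ (different salts) and each candidate costs the attacker a full PBKDF2 computation. The record format also carries the work factor, which is what lets you raise it over time as hardware gets faster.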