Chief information security officers (CISOs) have become part of the C-level team because of the importance of cyber security, writes Tallen Harmsen, head of Cyber Security at IndigoCube – and they’re really there to help the board members and C-level executives know and understand the organisation’s position on cyber security in language they can understand.
The results of breaches range from fairly benign to arguably catastrophic, depending on your perspective. Some Johannesburg residents could argue the latter given the ransomware attack on City Power. It left them without power after they could not buy electricity, upload invoices, nor access City Power’s website, according to a tweet by City Power.
In the end someone must always be held accountable. Laws and regulation today make it the responsibility of chief executives rather than their teams. Recent Forrester research indicates that 51% of respondents ID the CEO or the board of directors as accountable for data. That used to be the IT department’s responsibility so it’s a major shift.
The four hurdles to sharing the organisation’s security posture are:
- Identifying the most useful data security and risk metrics;
- Translating the data security risk into business risk;
- Communicating the real-time insights on the most critical data; and
- Identifying and classifying the company’s most critical data.
You have to give busy executives who may not be IT experts – although certainly IT literate – quick overviews that can just as rapidly become detailed reports. The best way to achieve those is smart dashboards that give them the tools they need to proactively stay ahead of the game. They can see colour-coded dashboard views with the drill-down capabilities to access the granular data, should they need to. And it must all be based on integrated data from across the organisation and potentially some from external sources, too.
The threat environment is a lot more complex today than ever before. Attacks come from inside and outside the network. You can also glean a lot of information that points to potential attacks before they happen, effectively forewarning people. Some of that information comes from internal systems, some of it comes from social platforms, and some even the dark web.
Visually representing the information gives busy executives a quick way to check the health and zoom in on areas that may need attention. Attacks don’t always conveniently occur during business hours. So the intelligent visibility of smart tools also allows businesses to establish automatic alerts based on thresholds, advanced intelligence, and machine learning. They keep entire, relevant teams in the loop on a real-time basis.
The security scenario today is complex and we need integrated visibility across the entire business so we can proactively manage the risks. PoPI, GDPR and other regulations make individual people responsible even though they have neither direct contact with the data nor the systems that control them. But now they have the tools that help them and all their relevant team players stay on top of the situation.
They can instantly see which lines of business have the highest risk levels. They can identify their crown jewels. They can see what’s protected and what’s exposed. They can see where the data sits. They have a list of any outstanding compliance issues and recommended remedial action. They can see how sensitive information flows through the business. They can see what applications, processes and people access and use the data.
That’s essential information in the current threat environment.