PLAYING THE LONG GAME: HOW CISOS CAN GET AHEAD
CISOs don’t have an easy job. They’re up against skilled, malicious adversaries, and every day has the potential to throw up new challenges. Mike Campfield, Vice President of Security, ExtraHop, offers some advice to modern CISOs on how they can ensure long-term success.
CISOs are not sergeants. They’re generals. Their job is not to fight battles, it’s to win wars. And yet so often CISOs are pulled away from that strategic role to fight the everyday battles, which keeps them from the long-term planning and strategic oversight the role exists for. When they should be thinking about the future, they are stuck dealing with the minutiae of the present.

Getting ahead of the smaller fires to tackle the larger blaze first requires a change in thinking. So how do you start getting ready for the long term now?
First, you have to establish where you are now. What do you do well and what do you do poorly? Where do you have visibility and where is the dark space within your environment? And what could you do to reduce your attack surface? Importantly, you should know whether you have an easy way to demonstrate your strengths and weaknesses, and to show progress over time.
You must also assess how compliance-fit your organisation is. The General Data Protection Regulation (GDPR) came into effect last year and requires organisations to notify the relevant supervisory authority of a personal data breach within 72 hours of becoming aware of it, and in some cases to inform the affected data subjects as well. Those who fail to do so may face fines of up to €20 million or 4% of global annual turnover, whichever is higher. Figuring out whether you could actually produce that notification within the window is a critical part of this assessment.
The next question is how your staff’s effectiveness can improve. Could, for example, better cyber hygiene or monitoring improve your security posture? Moreover, do your staff have access to the data and the skills they need to do their jobs? If there are barriers, where can they be removed? Where data is available, could the datasets be more complete, or made more intelligible to the people using them?
Identifying places and routines that you can automate will be important. Where staff are doing repetitive tasks, consider where scripts, integrations, orchestration tools or ticketing systems can replace those time-consuming manual activities with policy-driven execution.
Finally, you have to get the board – and indeed the whole enterprise – on your side and convince them that these

Issue 13 | www.intelligentciso.com