Intelligent CISO Issue 02 | Page 72

SAFEGUARDING ENTERPRISES FROM CYBERTHREATS :

WHAT TO CONSIDER AND WHY ?

Modern CISOs face a constant challenge as they attempt to stay ahead of an ever-increasing number of cyberthreats . Knowing where to channel investment to ensure enterprise security is maintained can be tough . Intelligent CISO hears from three experts about what their advice would be to security professionals facing this very predicament at organisations around the globe .
Piers Wilson , Head of Product Management at Huntsman Security here are so many

T things for CISOs and other security staff to consider when looking for solutions to possible threats and breaches . Piers Wilson , Head of Product Management at Huntsman Security , makes the case that organisations need to carefully balance monitoring systems with employee trust .

He said “ Maintaining enterprise security while respecting the trust of employees is very difficult . No organisation wants to be spying on their staff but they can ’ t run this risk of insiders causing havoc , either on purpose or by accident .
“ The problem is , traditional approaches simply aren ’ t effective at combating insider threats because , by definition , they ’ re already past all the perimeter defences .
“ Therefore , organisations need monitoring systems that can pick up any potentially suspicious activity that could indicate something is amiss without flagging every single thing users do .
“ For example , if the business detects a user account accessing data that it shouldn ’ t , they can quickly step in to prevent any harm from being done , whether the activity was an honest mistake or part of a deliberate attack .
“ This approach means having technology that can deal with hundreds , if not thousands , of potential alerts a day ; triaging to determine which represent true potential threats and which are false alarms .
“ As with any other security tool , the more the system can decide for itself what represents a real threat , the easier it will be for security teams to react as appropriate . This doesn ’ t mean that other security systems are surplus to requirements . Instead it should form part of a layered approach to security , along with more sophisticated analysis , to ensure that all potential routes are covered .
“ When it comes to managing trust of employees , most systems that monitor systems work unobtrusively in the background and only flag activity that could be a problem and , even then , most threats are discounted as perfectly legitimate users . “ Organisations just need to have the right policies in place that manage how they react to any flagged threats to ensure employees
72 Issue 02 | www . intelligentciso . com