Intelligent CISO Issue 76 | Page 49

f

e

a

t

u

r

e

he technology landscape is becoming a melting pot of innovation and cutting-edge research . In many ways , this is driving society forwards and unlocking new opportunities for businesses across all industries . But as IT systems grow more sophisticated , organisations must always remain vigilant to the persistent cybersecurity threats that exist .
Such extensive innovation could be considered a double-edged sword , as it in itself has enabled threat techniques to evolve at pace , keeping security professionals on their toes in a bid to keep up . This has triggered a need for greater emphasis to be placed on businesses to feed resources into their existing cyber functions and invest in the right technology and talent to adapt to these rising threats .
As a result , decision-makers and CISOs need to consider how future innovations may impact their cyber health . Investment in cybersecurity isn ’ t just a method to plug existing gaps , but a mechanism for proactivity and preparedness to defend against theoretical and tangible risks in the mid- to long-term .
The need for the right technology
At the core of what drives cybersecurity decision making is ensuring that technology aligns with organisational needs and goals . Attack surfaces are complex and dynamic , built upon layers of IT infrastructure , across multiple business units and sectors . CISOs must ensure that all facets are considered when it comes to isolating security gaps or existing vulnerabilities , to minimise risk .
There are always inherent challenges when it comes to upgrading legacy infrastructure or replacing them . Organisations can sometimes follow the attitude of ‘ newer is better ’, when this may not be the case . Smarter tools may offer greater independent benefits , but when considered as part of a larger network , can be more detrimental to operations . This is especially the case when looking at siloed business units , as pitfalls appear when adding additional tools to the mix .
It ’ s essential to weigh up all the options . Investing in more sophisticated cybersecurity technologies that integrate well , and enhance current systems is essential to providing more robust protection . Identifying and isolating any gaps , and integrating the correct solutions , be it endpoint , cloud , network , or broader , can be the difference maker in defending against a breach .
The cybersecurity skills revolution
The cybersecurity – and broader technology – talent crunch has become quite acute in recent years . In fact , the World Economic Forum found that approximately 52 % of organisations reported resourcing and skills to be the biggest challenge when building out their approach to cyberresilience . Additionally , nearly all ( 95 %) of CISOs and felt there should be a greater effort on recruiting talent into the cyber workforce .
There are several factors that contribute to this challenge . Cybersecurity careers have been associated with certain stereotypes , but those in the industry are working to dispel this . Highlighting the importance of the role , curating healthy and rewarding working environments and setting out a tangible and measured career progression is essential .
Furthermore , eliminating the perception of a high barrier to entry and enabling options for education , upskilling and reskilling will encourage fresh minds to consider cybersecurity as a viable career path .
But those in the cybersecurity industry cannot achieve this alone ; working alongside education providers is an essential part of this . Prioritising STEM ( science , technology , engineering and maths ) pathways in education , and offering more visibility on security professional progression and reskilling are important first steps to take . There ’ s a common misconception that cyber professionals need to have a computer engineering degree to excel . This isn ’ t necessarily the case , as there are so many viable pathways for professionals to pick up skills that can set them in good stead . CISOs need to improve the optics around this through in-house training , or investment to make these pathways more accessible .
Investment today to protect the future
CISOs and decision-makers need to be forwardlooking in their approach to cybersecurity investment . Proactivity is a core element to defend against threat actors and mitigate the risk of vulnerability exposures . Anticipating what future pressures CISOs and security operations teams may have on their radar can be the deciding factor between whether a breach is successful or not , so it is crucial to remain a step ahead .
Alex Woodward , Senior Vice President – Consulting Delivery , Cyber Security , CGI UK & Australia
Investment in cybersecurity isn ’ t just a method to plug existing gaps , but a mechanism for proactivity and preparedness to defend against theoretical and tangible risks .
WWW . INTELLIGENTCISO . COM 49