Cyber Resilience Begins with Effective Cybersecurity
As a former navy cryptologist, I most certainly equate the realm of cybersecurity and the technologies around it as evolving warfare. In the past, war commenced with slings and stones, which then transitioned to arrows and swords, to the present day guns and nuclear weapons. In the same way, technological developments and automation tools such as the security orchestration, automation and response (SOAR), have taken the forefront in ensuring safety within organizations. To this end, I see some major challenges that have a lasting impact on enterprises, from majorly an organizational and vendor standpoint. From an industrial context, it seems that most firms are willing to adopt and implement advanced and cutting-edge technology to improve cyber hygiene. They also look forward to automating their operations as much as possible to keep pace and combat against advanced ransomware attacks, but in the process where they falter is the lack of appropriate knowledge about the basics of implementing security programs to create a strong foundation for organizations to be safe from cyber threats. On the other hand, the vendors also seem to respond to the latest cyber attacks, but a lot of those center on marketing measures and are not quite instrumental in solving issues of breaches.
Being on the defensive line of the cyber warfare, our strategies should incorporate tools and techniques to defend the networks within enterprises and improve our procurement by having oversight and agility
My focus as the CISO of the City of Phoenix is to have an insightful assessment of how the city operates as well as identify areas of potential weaknesses and threats can exploit those weaknesses. I have a distinct way of approaching the issues at hand. Firstly, I am much enrapt in the concept of acquiring the best of breed methods and tools for reinstating security, which is not just influenced by cost but what is best for the organization. Another thing I look into is the data points and the sources of relevant information to make the best decisions possible. Thirdly, I depend on productive conversations with my peers who have previously installed a piece of technology or executed a particular methodology. This one-on-one talk and in-depth interviewing gives me better visibility into the functionalities and the drawbacks in a particular system or program, given the right questions are asked during these interactions.
The other aspect that needs to be kept in mind is not to get locked into a vendor-driven ecosystem. What this actually refers to is the vicious cycle of buying all components of a particular system for a proper functional security measure. This not only prevents organizations from exploring other best-in-class vendors but poses them with a significant pinch to their budget, which further prompts organizations to question about the aptness of the solutions. Additionally, we can ensure security within organizations by not only focusing on the basics but by striking a balance between technology and human capital through cost-effective solutions. There are several municipalities and local government bodies for whom the expenses for maintaining security and protection can be a hassle and this raises the need to look to managed security providers to counter ransomware and other attacks. What remains most crucial among vendors is not to lock each other out but maintain a healthy competition in the landscape. We adopt a methodology of interacting with our counterparts and other security personnel, along with conducting vendor demonstrations, in-depth technical discussions, on-premise tests and evaluations. We also make sure to update our vendor lists annually to bring about something more than cybersecurity; cyber resilience.
We report directly to the city manager and to the city council, in doing so, we are frequently faced with the question as to when we can be secure in entirety. But I feel the real goal is cyber resilience. What I mean by this is at the occurrence of a cyber attack, we should be equipped to keep the damages to the minimum and assure seamless and smooth operations. Organizations need to realize that cyber resilience is the ultimate goal that needs to be chased. Being on the defensive line of the cyber warfare, our strategies should incorporate tools and techniques to defend the networks within enterprises and improve our procurement by having oversight and agility to address the requirements of the city council efficaciously. This further helps us to respond to threats more swiftly and keep all team members of the organization on point and moving ahead.
My former career role as a cryptologic warfare officer has taught me to lead my team by example. How I like to define myself is not being risk-averse or cavalier, but dexterous and always aspiring to be better. I always engage in fruitful meetings that allows me to have a better understanding of the enterprise security landscape. Alongside, I strive to meet the resource needs of my team and bring the relevant issues into the spotlight, to lead organizations toward a more resilient posture.
As leadership and team effort is what makes a successful enterprise, I believe most of my peers in the enterprise security should take heed never to quit, even when it seems to be a complicated area of operations. Security and its practical implementation is a continuous learning process, and for my part, I strive to acquire a new knowledge and make a commitment to constant learning. We should also strive to challenge ourselves to be better and prove our mettle as better leaders by listening to all our teammates and surround ourselves with smarter people to learn and improve our knowledge. Therefore, whether you are a technologist, manager, or even an executive, it is vital to seek first to understand than to be understood, to build a strong team and a secure organization.