Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:30 AM
Gaurav Banga
Gaurav Banga
Connect Directly
E-Mail vvv

How to Create a Dream Team for the New Age of Cybersecurity

When each member of your security team is focused on one narrow slice of the pie, it's easy for adversaries to enter through the cracks. Here are five ways to stop them.

Today, enterprises consist of complex interconnected environments made up of infrastructure devices, servers, fixed and mobile end-user devices and a variety of applications hosted on-premises and in the cloud. The problem is traditional cybersecurity teams were not designed to handle such complexities. Cybersecurity teams were originally built around traditional IT—with a specific set of people focused on a specific set of tools and projects.

As enterprise environments have grown, this siloed approach to cybersecurity no longer works. When each member of your security team is only focused on one narrow slice of the pie, it’s far too easy for adversaries to enter through the cracks. The following are critical steps chief information security officers (CISOs) must take in order to establish a dream team for the new age of cybersecurity.

1. Take a Talent Inventory
Before making any new hires, CISOs should evaluate their current cybersecurity talent and determine the competencies and gaps of each member on the existing team. Ideally, you want people who think creatively — and can think like the adversary. Successful hackers are resourceful and inventive, and they are looking for ways around your standard security controls. If the members of your security team are only concerned with whether existing controls are working correctly, you're going to get hacked. The attack surface is massive and growing every day, and your security team must include individuals who continuously look for vulnerabilities the adversary could exploit — no matter where they are — so these issues can be addressed.

2. Hire Top Talent or Outsource Top Talent
Hiring and retaining top talent for your cybersecurity team is crucial to successfully increasing cyber-resilience. This is not easy, especially when the cybersecurity skills shortage is only worsening. Training existing employees on security skills and arming them with new tools that leverage artificial intelligence, machine learning, and automation for a force multiplier effect is one way you can go. Alternatively, CISOs can choose to outsource parts of the security function to expert managed security service providers (MSSPs). No matter how you choose to assemble your team, it is critical that your security team understands your specific business and network context as well as your focus on improving cyber-resilience, and have the needed skills and tools to protect business-critical assets while continuously improving security posture.

3. Get Companywide Buy-in (Including Your Board)
Gone are the days when cyber-risk was manageable solely by the security team. According to Gartner, at least 95% of security failures through 2022 will be the result of human error. This could potentially stem from anyone in the company. All stakeholders in a business — including C-suite, employees, customers, partners, vendors, etc. — MUST be educated on how their actions can positively or negatively affect the security of their company, and how the success of the company lives and dies with cyber-resilience.

Security today is a business issue, not just a technology one, and everyone must do their part. CISOs need to shoulder the primary responsibility of getting everyone in the company aligned with their security objectives. CISOs must engage with their board of directors, educate them on cybersecurity challenges, and get them on board (no pun intended) with stated objectives and approaches to improving cyber-resilience. For example, after sharing a security posture transformation plan with his/her board, the CISO can follow up in three- or six-month increments and share exactly how much cyber breach risk has been reduced during the time period. CISOs should be able to quantify this with calculations and trends for items such as: "risk to intellectual property,""risk of operational disruption" and "risk to customer data." 

4. Get Proactive and Prioritize Accordingly
Many security tactics focus on reactively detecting and remediating attacks. Security teams are often completely overwhelmed trying to sift through alerts. If this is all we do, we will always be behind and will never get ahead of the adversary. Rather than being purely defensive, security teams should instead focus more efforts on predicting and proactively avoiding breaches. CISOs should set aside budget and team resources that focus exclusively on proactive efforts to improve the enterprise security posture.

That said, there are myriad potential attacks that threaten organizations through hundreds of attack vectors, making it impossible for CISOs to proactively protect all assets at all times. Therefore, CISOs must differentiate what is critical and what is less important in order to prioritize the necessary actions to protect essential business assets and information. It's also important to institute programs that address cybersecurity posture in a strategic manner, such as two-factor authentication, password managers, impact-based mean-time-to-patch SLAs, bastion hosts, and dynamic network segmentation. 

5. Add AI to Your Team
With the number of cybersecurity threats growing every day and increased digitization of assets/processes that could be vulnerable to those threats, it is mathematically impossible for humans to monitor for threats and sift through hundreds of thousands of vulnerabilities to determine which to prioritize. Even the largest security team composed of the most skilled IT professionals can't effectively accomplish this without the assistance of artificial intelligence. These tools, which continuously monitor all assets and proactively predict what vulnerabilities are most likely to be exploited, are becoming increasingly essential for keeping up with the constantly evolving attack methods employed by cybercriminals, as well as the ongoing digital transformation of enterprises. Humans are certainly still needed to effectively manage cybersecurity, but AI needs to be a welcome new member to the team.

Follow the above five tips, and you will have a dream team truly prepared to protect your business in this new age of cybersecurity.

Related Content:




Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Gaurav Banga is the founder and CEO of Balbix, and serves on the boards of several companies. Before Balbix, Gaurav was co-founder and CEO of Bromium and led the company from inception for over five years. Gaurav has a Ph.D. in computer science from Rice University, and a ... View Full Bio
Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...