1/28/2016
10:22 AM
Scott Montgomery
Partner Perspectives

Why InfoSec Pros Should Keep A Close Eye On Cyber Efficiency

No organization will ever be impervious to breaches, but efficient organizations can lower their overall spend.

The intense demand for trained information security and privacy practitioners is reflective of the convergence of technology, productivity, and profitability. CIOs and CISOs that balk at enabling more mobile, cloud, and Internet of Things (IoT) tools not only find themselves in a cultural conflict, but as more and more devices become IP-enabled, reluctant security practitioners will also find themselves at odds with the business or mission of the organization.

For instance, Boston Consulting Group indicated that the remote cardiac monitoring market in the US alone would eclipse $1 billion in 2016, a specific example of the convergence between technology, productivity, and profitability. The ability for a doctor to remotely adjust a pacemaker without a patient visit or in an emergency situation has a profoundly positive impact on patient care. Information security and privacy practitioners simply must find a way to enable this kind of technology while encompassing the risk as best they can.

At the same time, there is a systemic personnel problem. There are simply far too few trained information security and privacy practitioners available to organizations; the baby boomer generation is taking decades of experience with it into retirement; and the prospects for replacing them are bleak. The 2015 (ISC)2 Global Information Security Workforce Study estimates two global labor gaps: the gap between the existing workforce and what the respondents’ companies are funded to hire (600,000 workers), and the gap between the existing workforce and what those companies believe the need is (1 million further workers). As more devices become IP-enabled for the first time and need to be incorporated into an organization’s information security and privacy posture, the tax upon practitioners will become even more pronounced. Also, for the first time in the (ISC)2 study, practitioners have become acutely aware that the premise that they’ve used for the last 20 years -- buy unique tools for each specific IS and privacy problem -- has created an unwieldy “sprawl in security technologies.”

All of these conditions -- demand, expanding IP footprint, convenience, cost reduction, and insufficient trained practitioners -- create an untenable competition between business or mission enablement and security. Evidence of this competition can be seen in the dramatic increase in time from breach detection to remediation. The (ISC)2 study results show a troubling trend indicative of a workforce stretched by demand and sprawl, as indicated in the chart below:

It is for these reasons that dramatic improvements in both efficiency and efficacy should be the goal of any decision IS teams are considering. The ability to get to solid results quickly is the only way that teams can compete with the mathematical problems described above. Any decision regarding methodology, vendor, product, or service that doesn’t demonstrably increase efficiency and efficacy is a bad decision.

Organizations that invest in ensuring that their infrastructure becomes more streamlined, automated, interoperable, resilient, sprawl-reducing, and focused will stay ahead of the math and enjoy the most important results.

No organization will wind up impervious to breaches, but efficient organizations will lower their overall spend by consolidating the number of vendors, tools, and services they use; reduce their labor-hour costs by ensuring automated means of execution; reduce the number of events that operators and analysts need to respond to manually; and shrink the hours operators and analysts spend by reducing events requiring follow-up to fewer, more noteworthy events. The time between breach and detection and the time between detection and remediation will drop measurably, ensuring that breaches don’t have a material effect on the business or mission of an organization.

Over the next few weeks, I’ll explore several techniques that will allow organizations to improve their efficiency and efficacy and reduce the labor hours and per-hour costs associated with operations.

Scott Montgomery is vice president and chief technology officer for the Americas and public sector at Intel Security. He runs worldwide government certification efforts and works with industry and government thought leaders and worldwide public sector customers to ensure that ...
Comments
HusseinB453,
User Rank: Apprentice
1/28/2016 | 3:46:25 PM
A refreshing and insightful perspective
I was delighted to find this article and the sentiment it conveys resonates with me. As an advocate of KnowIT aka 3IT (NoDev, NoOps and NoIT), Scott's assertion:

"Any decision regarding methodology, vendor, product, or service that doesn't demonstrably increase efficiency and efficacy is a bad decision"

Rings true and echoes the assertions of the NoIT and NoDev principles:

"Eliminate IT systems that demand the attention of humans" and "Only engage in development projects that unambiguously and unequivocally generate revenue for the business or enhance customer experience"

Decisions pertaining to Cyber Security must be held to the same principles. While it may be a stretch to say that poor Cyber Security spending can kill a business, burdensome administration, proliferation of manual processes and the introduction of disjointed IT systems can have a greater negative effect on the bottom line than the security threats they purport to mitigate.

There are emerging technologies that can make a great impact on increasing the ROI of Cyber Security and CISOs should seize the opportunity to leverage innovation to reduce costs and streamline the administrative processes they own.

I look forward to your future article on this subject. 

 