Cybersecurity: top of mind Q and A

November 14, 2019 | Todd Waskelis

I really enjoy Shira Rubinoff's videos, and captured one of them in case you prefer reading to watching videos. Please find snippets of this commentary in the AT&T Cybersecurity video series with Shira Rubinoff interviewing me recently.

Q1:  How will CISO’s investments change in 2019? What areas of cybersecurity do they see receiving more funding?

  • Many large and mid-size businesses are recognizing security requires more than just a technology investment. Service organizations bring technology, expertise, and resources to the table in a way that may be a more cost-effective alternative to trying to manage all this internally
  • Lack of resources as a major challenge along with keeping up with advancements in cybersecurity technology by utilizing outside service providers rather than hire, retain, and manage staff
  • For the CISO, this translates to set a big picture of priorities such as maintaining customer trust and keeping the organizations name out of the headlines. In order to accomplish these priorities, there are essential areas where security executives will spend their time, and money in 2019
    1. Develop a culture of security: The culture must go together with policies and best practices. Every single person within the organization has some responsibility for security
    2. Security and Risk Management: Governance and resource requirements, security frameworks, data protection, training and awareness, insider threats, third-party security practices as outsourcing increases
    3. Cloud Services: Cloud strategy, proper selection of services and deployment models. Scalable and elastic IT-enabled capabilities provided as a service utilizing internet technologies
    4. Gain threat visibility across all platforms: You cannot secure what you cannot see. Having data spread across multiple tiers of applications and cloud services, and sometimes out on unauthorized services has greatly impacted the CISO’s ability to have unified visibility
    5. Grasp the perimeter: Thanks to cloud computing, mobile devices and IoT, the perimeter is an archaic concept. The operations teams both security and IT need to change their assumptions about traffic, trusted users and the idea that there is a single demarcation point between public and private clouds. CISOs are now faced with new tactics for managing those perimeters.

Q2: Can you give us your perspective of what you’re seeing right now in cybersecurity? What are the biggest issues and then what can we expect looking forward? How zero trust is maturing into digital trust and the evolution of predictive threat detection?

  • In today’s environment, the network can no longer be considered a safe zone. In fact, there is no safe zone. As the risk of insider threat scales exponentially, every asset an organization possesses and every transaction it conducts must be secured as if it were a standalone item continually exposed to the full range of cyber threats. Essentially everyone is “inside”, because the network is perimeter less.
  • The understanding that perimeter protection alone is not enough has increasingly led to the security concept of Zero Trust, which is beginning to play a large role in. Building a secure Zero Trust Organization is based on a never-trust/always-verify approach to all entities and transactions in which multiple solutions work together to secure digital assets

Q3: Is cloud security getting better or do companies now better understand their role in managing cloud security?

  • It is a combination of both better cloud security controls and better understanding of how to manage them. As technologies become less hardware dependent and move to virtual functions, security controls for cloud environments are becoming more scalable and easier to deploy. In parallel, the ability to monitor and report on the effectiveness of those controls is becoming easier for organizations
  • Initially, cloud service providers first hit the market with a “Trust Us” mentality and didn’t do a great job making companies feel like their security and compliance concerns were being heard. That tide has shifted, and cloud providers now fully appreciate the security requirements their clients are asking for
  • Cloud providers are now becoming more open and accommodating of security data and controls, and more vendor solutions can bridge the gap between implementations on-premises and in the cloud. As a result, the fear of adopting cloud services, often driven by the lack of security controls and visibility into the controls, is lessened. There’s progress, and more acceptance of in-cloud controls and services – but that progress is still slow

Q4: Is SOC as a service the right approach for smaller companies?

  • Cybersecurity is not just an IT problem, it’s an organizational issue and you can’t manage what you can’t see. Every organization should be aware of the cyber activity within its environment. Even a small network generates over 250,000 logs per hours. An impossible task for a human to review. There are many ways to monitor and report on this, but it ultimately comes down to people, technology, and budget. That spending decision must be commensurate with the risk appetite of the organization
  • We now live in the days of sophisticated digital hackers so your concern shouldn’t be if you’re going to get hacked, but what you’re going to do when it happens. Making sure your business invests in a security operations center (SOC) can be your saving grace during an attempted cybersecurity attack. A security operations center is an organizational hub of skilled team members and technology whose goal is to detect, prevent and respond to cybersecurity threats in as close to real time as possible. For best results, the SOC must keep up with the latest threat intelligence and leverage this information to improve internal detection and defense mechanisms.
Todd Waskelis

About the Author: Todd Waskelis

Todd Waskelis leads the AT&T Cybersecurity Consulting business and is responsible for the strategic direction, service delivery and P&L operations of the group. Todd’s organization provides both strategic and tactical cybersecurity consulting services to businesses as well as government agencies covering a wide spectrum of offerings from compliance and risk management to technical services for emerging technologies such as IoT, cloud, and mobility. His career focus has been on helping customers drive business benefit through the exploitation of technology and driving improvements in organizations while sustaining security, managing compliance and mitigating risk. Todd joined AT&T Cybersecurity through the acquisition of VeriSign in October 2009, where he performed similar duties as the Vice President & General Manager of VeriSign’s Global Security Consulting organization. With active professional certifications and more than two decades of experience, and an enviable knowledge of business and technology Todd has earned the respect of global, top-named clients and industry insiders. Todd’s understanding of business has enabled him to create innovative solutions for his customers that align with key organizational objectives. Utilizing his keen business insights and ability to communicate with technical and non-technical audiences, Todd has been able to collaborate with corporations to analyze, develop and implement enterprise-wide cybersecurity solutions that support key business drivers. Todd has worked with clients in the financial, retail, healthcare, manufacturing, utilities, transportation, service provision and industrial sectors. He manages a multi-million dollar consulting practice while leading a highly successful team of security consultants that serve customers across the globe. Todd has been invited to speak to security conferences, advisory councils across industry verticals including healthcare, financial and has participated in numerous industry forums. In addition to holding Certified Information System Security Professional (CISSP) certification, Mr. Waskelis is also a Qualified Security Assessor (QSA) for the Payment Card Industry and serves on the board of the New Hampshire Chapter of the Information Systems Security Association (ISSA). Mr. Waskelis’ experience is the result of more than 25 years of operations leadership at various organizations and over 20 years of information security experience. Mr. Waskelis holds a B.S. in Management, Information Technology and has extensive experience in media relations including radio, press and live television appearances

Read more posts from Todd Waskelis ›

TAGS: mssp, ciso

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via Email

Watch a Demo ›
Get Price Free Trial