“If you’re not assuming breach, you’re much less likely to be able to respond quickly.” Those words, from Rubrik Field CTO Jason Cook at the CDW Solution Forum on Cybersecurity, sum up the key difference between today’s cybersecurity landscape and that of years past. Threat actors are driving organizations to adopt a more proactive approach to security and recovery.
The 100-plus IT and security leaders at the forum, held Oct. 19-20 in San Antonio, are working toward cyber resilience: an organization’s ability to anticipate, manage and recover from attacks to its systems. As leaders shared in panels and discussions throughout the event, achieving cyber resilience comes down to assessing and managing people, processes and technology. But before that can happen, organization-wide change needs to occur.
Click the banner below to keep in touch and receive Insider content after the conference.
Nurture the Three Pillars of Success: People, Process and Technology
“It’s all about the people,” said Wanda Miles, senior security and compliance program manager at Exabeam, during a session on behavioral analysis and ransomware. Burnout, skill gaps and staff shortages combine to create stresses on resiliency, hampering the cultural shift necessary to elevate an organization’s security posture.
To keep personnel engaged, Jeremiah Salzberg, chief security technologist at CDW, suggested avoiding the temptation to train by rote. People in the IT and security fields are driven by curiosity, so keeping staff members challenged and giving them “time to play” can help them continue to develop creative solutions. An audience member noted that his team rotated tasks so that no one person was left responsible for repetitive work; instead, colleagues shared responsibilities across the board.
LEARN MORE: How managed detection and response can improve your security posture.
As for process, Cook recommended taking an approach of continuous recovery and proactivity. Miles suggested using behavioral analysis to understand the interaction points between users and systems. In her experience with using behaviors to detect and thwart ransomware, Miles has found that using processes that detect unusual or threatening behavior can help teams proactively intervene, whether that’s through educating new employees about phishing attempts that target people who aren’t yet familiar with security protocols or simply implementing a patch.
Speakers at the forum agreed that technology follows from the people and processes. Approaches such as zero trust and implementation of security operations centers can help organizations improve their security posture. But, ultimately, security tools need an effective strategy and the right people in place to use them.
Successful Systems Build Trust and Resilience
Business solutions differ from cybersecurity solutions, said Gary McIntyre, field strategist for CDW, making it crucial for security professionals to set expectations with organizational leaders around cyber resilience.
“How many people here have a very clear idea, or a reasonably clear idea, of what the business expectation for recovery would be for their environment?” he asked the audience. “That’s probably a good place to start. … Certainly, if you do get hit, the business still expects you to recover. The staff or board is going to ask, ‘How long is it going to take to recover?’ And as a practitioner, it depends. They don’t want to hear, ‘It depends.’”
To build the trust security leaders need from their chief stakeholders, they must have resources — a Catch-22 of investment. McIntyre recommended reading an organization’s financial report to understand what drives value, then approaching resource conversations with those values in mind.
Miles has seen interdepartmental success through implementing smart systems. Because new employees are prime targets for social engineering attacks, she’s seen human resources departments reach out to her to better coordinate risk assessment and protection.
When approaching organizational leaders, security leaders would do well to stick with the big picture to help achieve cyber resilience. “Focus on the fundamentals,” Salzberg said. “I keep saying that, and it’s for a reason.”
Find BizTech’s full coverage of the event here, follow our live news coverage of the CDW Executive SummIT on X (formerly Twitter) at @BizTechMagazine and join the conversation using hashtag #JoinCDW.