“If there was something that could guarantee that you would not suffer a breach, everybody in this room would have it,” said Christopher Fielder, field technology officer at Arctic Wolf.
But it doesn’t exist right now — at least, not yet. Which is why Fielder urged IT leaders to stop treating a breach as a failure and use it instead as a chance to get better. “The only failure is if you’ve been breached a second time through the same means, because that means you haven’t learned,” he said.
“A breach that does occur shows that there is a gap in your risk management policy,” said Fielder. So, use that moment to run diagnostics, run patch management, incorporate security into your DevOps workflows, and offer training to improve the organization’s security posture.
At the CDW Executive SummIT, hosted in Chicago, IT leaders, experts and industry partners said improving visibility across an organization’s systems is its best defense. Here are three agile strategies from experts at the SummIT that can help businesses future-proof their security operations:
1. Consider a Platform-Based SOC to Unite Disparate Tools
Integrating technologies is akin to orchestrating a symphony where all the instruments play in harmony, enhancing the overall performance and efficiency — when it works, it’s beautiful; if it doesn’t, it can be chaos, said Eyal Altman, senior vice president and chief digital and IT officer at electronic manufacturer Littelfuse.
One major challenge is that organizations have different tools in their security operations centers that are not designed to co-exist. This discontinuity can create potential blind spots, said David Falcon, senior solution architect and systems engineer at Palo Alto Networks. Sometimes, he explained, “you can work to get the tools to talk to each other,” but it’s not always possible. “We want to move away from this kind of piece-by-piece-by-piece and take a more platform-based approach. It all comes down to visibility.”
A platform-based SOC significantly enhances security by offering a unified, comprehensive view of an organization's cybersecurity posture, enabling real-time analysis and rapid response to threats across the entire digital landscape.
Securing IoT devices is also a crucial step because any new device introduced to an IT ecosystem can become an entry point for an attacker, explained Beau Perna, senior director of supply chain strategy at CDW.
“By the end of 2024, there are projected to be more than 207 billion devices connected to the worldwide network of tools, toys, devices and appliances that make up the Internet of Things,” according to a recent Forbes report. Any gap in security between these connection points poses an exponential risk.
As a defense, experts recommend running continual diagnostic testing; adopting a zero-trust, end-to-end encryption strategy to safeguard data in transit; and setting standardized protocols when new tools are added to the mix.
2. Leverage Threat Modeling and an Adaptive Security Posture
Once IT leaders accept that breaches are inevitable, they can adopt a proactive approach to security. Threat modeling practices, for example, can identify potential threats in advance and map out a defense strategy.
The process begins with defining a system's architecture, pinpointing critical assets and outlining potential attack vectors. Teams then analyze these, assessing the likelihood of different threats and their impact. Based on this analysis, organizations can develop and implement a mitigation strategy, continually updating the model as new threats emerge. This allows them to be more prepared and run ongoing risk assessments.
For Todd Felker, executive strategist at CrowdStrike, one key question IT leaders should ask is, how quickly can attackers move through the system? The answer is crucial: If the speed of your adversary is faster than the response rate, the response is too slow, and IT leaders need to improve the threat management program. If the speeds are the same — or, ideally, if the defensive response is faster — the organization has a solid security posture.
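The threat-modeling steps and Felker's speed question can be combined in one small risk register. The following is an added example, not code from the article or the SummIT speakers; the 1-to-5 scales, the field names and every sample value are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Threat:
    asset: str                # critical asset identified in the architecture review
    vector: str               # attack vector that reaches it
    likelihood: int           # assumed scale: 1 (rare) to 5 (expected)
    impact: int               # assumed scale: 1 (minor) to 5 (severe)
    adversary_minutes: float  # estimated time for an attacker to move past initial access
    response_minutes: float   # measured time for the team to detect and contain

    def __post_init__(self):
        for name in ("likelihood", "impact"):
            if not 1 <= getattr(self, name) <= 5:
                raise ValueError(f"{name} must be between 1 and 5")

    @property
    def risk(self) -> int:
        return self.likelihood * self.impact

    @property
    def outpaced(self) -> bool:
        # Too slow only when the adversary is strictly faster; equal speeds pass.
        return self.adversary_minutes < self.response_minutes

def prioritize(threats):
    """Outpaced threats first, then highest likelihood x impact."""
    return sorted(threats, key=lambda t: (not t.outpaced, -t.risk))

def report(threats):
    rows = []
    for t in prioritize(threats):
        gap = t.response_minutes - t.adversary_minutes
        status = f"TOO SLOW by {gap:.0f} min" if t.outpaced else "keeping pace"
        rows.append(f"{t.risk:>2}  {t.asset:<20}{t.vector:<24}{status}")
    return rows

# Constructed sample register; none of these values come from the article.
REGISTER = [
    Threat("IoT sensor gateway", "default password", 3, 3, 30, 30),
    Threat("build pipeline", "poisoned dependency", 2, 5, 120, 90),
    Threat("customer database", "stolen VPN credential", 4, 5, 60, 240),
    Threat("HR file share", "phishing attachment", 4, 3, 45, 180),
]

if __name__ == "__main__":
    print("\n".join(report(REGISTER)))
```

Re-running the report after each exercise or real incident, with updated response times, keeps the model current as new threats emerge.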
3. Embed Security into the DevOps Process
If security is present from the start, the entire IT process will be set up for success. To do this, experts recommend integrating security measures directly into the continuous integration and continuous delivery (CI/CD) pipelines. This DevSecOps approach ensures that security checks and threat assessments are automated and happen in parallel with development and deployment.
With security considerations made at the outset of project development, IT leaders can trust the data they are using to pilot new projects. Setting the tone in this way also promotes a culture of security. For Ziad Azzi, head of partner engineering in the Gen AI Center of Excellence at Google Cloud, it’s about designing a vertically integrated infrastructure with built-in security and privacy. “If all your data is secure and gets placed in a secure tenant,” Azzi said, “other companies will not be able to have it.”
By folding security into every pilot program, artificial intelligence app and system integration, organizations can safeguard their digital innovation and stay agile — knowing that it’s impossible to reduce their risk to zero.