CISO Insights: Highlights from Tech Talk Podcast’s Interview with Ric Longenecker
Good cyberhygiene is a marathon, not a sprint. And marathons require a long-term, laser-focused commitment to training, improving, testing, and the like (unless you’re Ric and you’re running the New York City Marathon – to get that reference, you’ll have to listen to the podcast). As cyberattacks continue to ramp – for instance, there were more attacks in the first half of 2020 than in all of 2019 – it is imperative that enterprises do not let their cyber muscles atrophy. Listen in as Ric provides a playbook to run your race:
Key takeaways include …
“Seconds count in these types of [ransomware] cyberattacks.”
Identifying and responding to a breach as early as possible in the cyber kill chain can make the difference between a minor issue and a catastrophe. There is no better example than the still unfolding SolarWinds story.
But early identification is only half the equation. There’s minimal value in detecting a breach if you have no ability to properly respond. Hence, it is critical that your business consider cybersecurity in its corporate business continuity and disaster recovery plans, as well as develop a specific incident response plan for various types of breaches.
“We believe in good communication.”
It is important that organizations communicate creatively, concisely, and regularly with their team, providing encouragement and incentive to report suspicious activity early and often. The gold standard in detection is to find a breach before it ever breaks through the perimeter. However, given the current state of the cyber universe, the safest assumption is that breaches are inevitable and aligning your entire organization to this reality is a key part of good cyber defense.
“As risk goes up, costs goes up.”
Insurers are paying out for cyberattacks in record numbers (see recent spikes in ransomware as one proof point). And boards are taking notice. This means that more is being asked of IT teams than ever before as the enterprise’s reputation is on the line. This in turn, is driving IT organizations to find partners (like Open Systems) to help them become more proactive in monitoring their environment.
“Doing it in-house can be quite a chore.”
The amount of time and effort to scale your in-house cybersecurity operations end-to-end is significant – so much so that for many companies, it’s a non-starter. This is why finding a partner that blends artificial intelligence with real-life people intelligence to keep eyes on your network 24x7 can mean that your organization can respond intelligently to attacks – and at scale.
2021 is poised to be a banner year. And Open Systems will be here for it.