What security concerns should your CIO be worried about?

Today's CIOs face a set of expectations, opportunities and challenges that have grown enormously in the last decade. It all fundamentally revolves around one question: "How can IT provide value for the business?"

In conjunction with emerging technologies, there are the challenges of people management, process and compliance. Wrapped around all this is the concept of security. What "security" means for an organization has changed drastically in recent years.

Historically, security was seen as an operational task. Companies had a firewall, antivirus software and, perhaps, an IPS (Intrusion Prevention System). Things have changed enormously since then. The role of the CSO (Chief Security Officer) or CISO (Chief Information Security Officer) has been created specifically to face these challenges. This role is responsible for protecting the organization from increasing cyber threats and/or data breaches.

In addition to their many other responsibilities, CIOs must also be part CSO. In the same way that the CIO answers to the CFO for their budget, they must also learn and adopt mature security postures. While the CSO and the security team are experts in emerging threats, CIOs must now build a general level of awareness and competence throughout the organization.

The threats that companies face today are unique because they are fluid and changing. Every week there is a new story of a data breach or compromise, and we know that what is publicly disclosed is just the tip of the iceberg.

Every business vertical has data that would be financially harmful if made public. Whether it is intellectual property in chemical manufacturing, patient information in medical care, clients' financial information in banking, or credit card information stolen from retail stores, security has become a boardroom conversation because of how it impacts the bottom line.

Application of the principles

Modern CIOs have an important role in ensuring that private company data remains private. They do this together with the CSO/CISO and audit/compliance. Too many of today's compromises happen opportunistically because the basic principles are not applied.

  • Make sure systems are updated in a timely manner. Too much malware relies on exploits for known, already-patched vulnerabilities.
  • Practice proper identity management: no shared accounts, and use good passwords.
  • Make sure that firewalls are really least privilege. Do not expose RDP on Windows systems to the Internet, and block outgoing connections.
  • Encrypt all endpoints. It's free; use it. Too many data breaches come from lost hard drives or devices.

While these seem fundamental, they can go a long way towards improving the security posture of your organization.
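The firewall point above can be checked mechanically. The following is an added example, not part of the original article: it audits a constructed rule set for RDP reachable from non-internal sources and for unrestricted outbound traffic. The rule format, field names and the RFC 1918 definition of "internal" are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rules in a hypothetical export format (not a real product's).
RULES = [
    {"id": 1, "dir": "in",  "action": "allow", "src": "0.0.0.0/0",      "dst_port": "443"},
    {"id": 2, "dir": "in",  "action": "allow", "src": "0.0.0.0/0",      "dst_port": "3389"},
    {"id": 3, "dir": "in",  "action": "allow", "src": "203.0.113.0/24", "dst_port": "3000-4000"},
    {"id": 4, "dir": "in",  "action": "allow", "src": "10.20.0.0/16",   "dst_port": "3389"},
    {"id": 5, "dir": "out", "action": "allow", "src": "10.0.0.0/8",     "dst_port": "any"},
    {"id": 6, "dir": "out", "action": "allow", "src": "10.0.0.0/8",     "dst_port": "443"},
]
RDP_PORT = 3389
# Assumption: "internal" means the RFC 1918 ranges.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def port_range(spec):
    """Return (low, high) for 'any', a single port, or 'low-high'."""
    if spec == "any":
        return 1, 65535
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def is_internet_source(cidr):
    """True unless the source network lies entirely inside an internal range."""
    net = ipaddress.ip_network(cidr)
    return not any(net.subnet_of(i) for i in INTERNAL)

def audit(rules):
    """Return (rule id, finding) pairs for rules that break least privilege."""
    findings = []
    for r in rules:
        if r["action"] != "allow":
            continue
        low, high = port_range(r["dst_port"])
        # A wide port range that happens to include 3389 exposes RDP too.
        if r["dir"] == "in" and low <= RDP_PORT <= high and is_internet_source(r["src"]):
            findings.append((r["id"], "RDP reachable from the Internet"))
        if r["dir"] == "out" and (low, high) == (1, 65535):
            findings.append((r["id"], "unrestricted outbound"))
    if not any(r["dir"] == "out" and r["action"] == "deny" for r in rules):
        findings.append((None, "no outbound default-deny rule"))
    return findings

if __name__ == "__main__":
    for rule_id, finding in audit(RULES):
        print(rule_id, finding)
```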

The next level generally relies more on guidance from the security team, but it requires a lot of operational support and integration. This is where things become much more interesting from a technician's point of view.

  • How do we implement IPS (Intrusion Prevention System), WAF (web application firewall) and other layer 7 controls in an effective way? How do I do this in a world where most traffic is encrypted?
  • How do we implement a SIEM (Security Information and Event Management) solution that aggregates logs from every point in the technology stack and can apply real-time threat intelligence and machine learning to this data?
  • How do I enable two-factor authentication in every part of my environment?
  • I must assume that I am already breached, or will be in the future. How do I reduce my mean time to detect a breach?
  • If malware sent stolen data hidden in DNS queries, would you know?
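One way to start answering the DNS question, shown as an added example that is not part of the original article: group queries by client and parent domain, then flag pairs with many unique, long, high-entropy leftmost labels. The log format, the thresholds and the two-label parent-domain shortcut are assumptions, and the sample log is constructed.

```python
import hashlib
import math
from collections import Counter, defaultdict

def build_sample_log():
    """Constructed log lines in a hypothetical '<client> <qname>' format."""
    lines = ["10.1.1.5 www.example.com", "10.1.1.5 mail.example.com",
             "10.1.1.7 cdn.example.net", "10.1.1.5 www.example.com"]
    for i in range(30):  # long, unique, random-looking labels under one parent
        chunk = hashlib.sha256(str(i).encode()).hexdigest()[:40]
        lines.append(f"10.1.1.9 {chunk}.t.example.org")
    return lines

def entropy(s):
    """Shannon entropy of the characters in s, in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def parent_domain(qname):
    # Simplification: last two labels. Production code should use the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def suspicious_pairs(lines, min_unique=20, min_avg_len=25, min_avg_entropy=3.0):
    """Return sorted (client, parent domain) pairs whose queries resemble DNS tunnelling."""
    seen = defaultdict(set)
    for line in lines:
        client, qname = line.split()
        seen[(client, parent_domain(qname))].add(qname.lower())
    flagged = []
    for key, names in seen.items():
        labels = [n.split(".")[0] for n in names]  # leftmost label carries the payload
        avg_len = sum(map(len, labels)) / len(labels)
        avg_ent = sum(map(entropy, labels)) / len(labels)
        if len(names) >= min_unique and avg_len >= min_avg_len and avg_ent >= min_avg_entropy:
            flagged.append(key)
    return sorted(flagged)

if __name__ == "__main__":
    for client, domain in suspicious_pairs(build_sample_log()):
        print(f"review: {client} -> *.{domain}")
```

The thresholds need tuning against your own resolver logs, since some legitimate services also generate long machine-made names.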

The challenge is twofold. First, although the technology exists to solve all of the problems above, it comes with a significant price. Second, if you have the resources to acquire this technology, the human operational time needed to deploy and manage it all can be overwhelming.

Today's CIO has a plethora of new security challenges to face while advancing business capabilities to generate revenue: modern, agile development cycles together with best-in-class security. CIOs can have a great impact by promoting and applying the basic security principles around patching, good firewall management and training.

Current security expectations require a strong relationship between CSOs and CIOs. In many cases, a professional service provider adds a significant amount of value to an organization's ability to implement and obtain value from new technologies that are developed and launched continuously.

In summary, focus on the basics and do not be afraid to take advantage of experts to use emerging technologies.

Sean Donaldson is CTO at Secure-24. He has a solid technology background, with more than 15 years of developing world-class infrastructure solutions and critical application management.