Businesses today confront a common set of cybersecurity challenges, from cyber attacks and ransomware to cloud security and vulnerability management. But how different security leaders successfully address them can vary significantly. Factors like industry, size, budget, regulations, daily operations, legacy technologies, and types of digital assets can all influence the strategies security leaders adopt. The extent to which a business supports remote work and allows mobile access will also significantly impact its cybersecurity strategy. As organizations grapple with unique circumstances and components, there's no one-size-fits-all security.
What does that look like at actual businesses dealing with today's security pressures? In our webinar, "Real World Cybersecurity Strategies that Work," our panel of security leaders share how they navigate the realities of today's top cybersecurity challenges.
- Attila Török, Chief Information Security Officer, GoTo
- Allen Cox, Senior Director of Security and IT, MyFitnessPal
- Bob Stasio, Chief Information Security Officer, Renaissance Learning
- Moderator: Peter Mahoney, Chief Marketing Officer, GoTo
Using Zero Trust as a security framework
Companies with a highly mobile workforce must implement additional measures to secure remote connections and devices. IT infrastructure, including hardware, software, and networking components, increases in complexity as organizations move beyond a traditional office to support and secure a mobile workforce that permits Bring Your Own Device (BYOD).
When asked to define zero trust, GoTo's CISO Attila Török sees it as a security concept and framework that assumes no implicit trust, even among users, systems, and networks within the corporate perimeter. “Zero trust is really part of that bigger tech fitness picture,” he says. “It’s about asking how comprehensive is the protection offered by these tools. Are these tools robust in terms of security - but also flexible. Do they keep pace with technology investments?”
Traditional security models often rely on trusted internal and untrusted external networks. Zero trust treats every network communication and access request as untrusted and requires identity verification every time, regardless of the source. Key principles also include least privileged access, network segmentation, continuous monitoring, dynamic policy enforcement, and data encryption.
Automating cloud security for proactive risk mitigation
For companies whose products and services revolve around cloud infrastructure, security is vital to protecting critical data and daily operations. Implementing cloud security requires identifying and addressing misconfigurations, vulnerabilities, malware, and other threats.
Our panelists discuss how automation with tools like Wiz helps their teams to stay ahead of potential issues. In a cloud environment, where threats can emerge and spread rapidly, automated scans and tests can help mitigate the impact of security incidents and reduce response time. “They look for vulnerabilities, they look for misconfigurations, they even look for the presence of malware that may exist in that environment,” says Bob Stasio, CISO of Renaissance Learning. “We have an automation now where any of those issues will generate a ticket, and that ticket then gets prioritized and sent to the engineering team to remediate, and we have certain SLAs based on the criticality [of the ticket].”
The discussion also turned to aligning the security and IT infrastructure teams. Collaboration helps ensure the organization integrates security into IT infrastructure design, implementation, and maintenance. Cooperating on design decisions, risk assessments, and security requirements provides a proactive response to potential vulnerabilities.
Managing incident response with security orchestration, automation, and response
Security orchestration, automation, and response (SOAR) integrates and streamlines security operations and incident response processes. SOAR platforms combine organization and automation to enhance the efficiency, consistency, and effectiveness of security operations. Why does that matter? SOAR reduces the time and effort required to mitigate threats, improves organizational visibility, automates routine tasks, enhances collaboration, and adapts to the evolving threat landscape.
When the roundtable turned to best practices with SOAR, our panelists discussed accelerating workflows and decision-making. Can aspects of SOAR be incorporated across all tools and processes? How can it drive efficiency in security processes? “When I think about automation through SOAR, the thing that really comes to mind is just acceleration,” says Allen Cox, Senior Director of Security and IT at MyFitnessPal. “We're trying to accelerate the response to the incident. The way we approach that, can either be workflow driven, or more decision-making driven.”
In some ways, these process improvements are akin to tech fitness, where an organization works to strengthen its overall health and readiness to adopt and manage technology effectively. Just like personal fitness reflects an individual's health and ability to perform, tech fitness evaluates an organization's ability to adapt to technological changes and navigate a competitive digital landscape. A SOAR framework can help businesses strengthen their tech fitness as they streamline processes and respond to evolving cyber threats.
Thinking through Artificial Intelligence
Artificial Intelligence (AI) may be all the buzz. Still, security considerations are at the forefront when companies consider leveraging AI capabilities for internal processes or incorporating AI technologies into their SaaS products.
Our panelists dove into the security aspects they think about with AI, including data collection, storage, access, and privacy. How does the use of AI meet industry regulations around security and privacy? What is the quality of the data used to train the AI model, and what are its potential weaknesses or issues?
“AI models rely on data,” says Attila Török. “Companies have to adhere to security and privacy regulations. So, you need to know, what is the data you’re putting into your AI model? What is the data you’re getting out of it in relation to actual humans? This relates to the data collection, storage, and access, and the data you collect with AI or feed to the AI.”
In discussing best practices, our panelists noted that vetting any products and vendors claiming to incorporate AI is crucial. Unfortunately, many services lack transparency around how their AI stores and uses data. Recommended best practices include exercising caution when partnering with AI-powered vendors, particularly those in startup mode or with newly launched products. Having a cross-functional committee of IT, security, legal, and other internal stakeholders to evaluate AI usage from all angles can help assess risks and weigh the benefits over the dangers.
Looking for more best practices in cybersecurity? Watch our on-demand webinar to gain insight from experienced leaders about modern cybersecurity strategies.
