Intelligent CXO Issue 24 | Page 25

BUSINESS STRATEGY

BlueFort expert on the crucial role of intelligence-led visibility in defending your external attack surface

The rise of cloud-based technology has allowed a fast-paced expansion of external attack surfaces and as cybersecurity starts to rise on the C-level priority list , it has become clear that organisations must think about risk mitigation in new ways . Josh Neame , CTO at BlueFort , tells us how stripping back these systems and taking an intelligence-led visibility approach is the most effective route to avoiding future threats .

w

What are the biggest challenges organisations face in the current cybersecurity climate ?
Looking across all of the organisations we support , visibility is one of the primary cybersecurity challenges we see security teams facing today . It ’ s not a new issue , but the changing nature of the landscape means the scope of the challenge is far wider . The shift to remote working during the pandemic pushed the workforce away from the office , but we ’ re now seeing the tooling move beyond the traditional four wall structure too , with enterprises taking on more Software-as-a-Service ( SaaS ), Platform-as-a-Service ( PaaS ) and Infrastructure-as-a-Service ( IaaS ) solutions . As a consequence , IT is becoming increasingly sprawled out ; where security teams traditionally needed to focus visibility over a single location , now they face an ever-changing and expanding list of locations , users , devices and services .
BlueFort conducts an annual survey of UK CISOs and the visibility challenge was a common theme in our 2022 study . More than half of those surveyed don ’ t know where all their organisation ’ s data is and how it is protected . Many have also lost track of corporate devices and left legacy systems unmonitored .
The key takeaway is security teams are essentially losing track of their workforce , so regaining visibility is one of the key challenges facing organisations . You can ’ t build intelligence and put controls in place unless you have visibility , so this is a fundamental first step in a long-term security strategy .
Why is it vital for decision-makers to understand their users , data and assets while protecting their infrastructure ?
MY ADVICE IS ALWAYS TO ASK PEOPLE TO TAKE A STEP BACK , REVIEW THE INFORMATION THEY ' VE GOT AND CONSIDER ANY GAPS .
We are starting to see a positive change in how people think about cybersecurity , and this is being driven at a number of different levels . The board is more engaged with cybersecurity , particularly due to coverage of cybersecurity in the press , high profile fines and new legislation . But equally , people in general are paying more attention to security , both in their personal life and as an employee . Even something as simple as people setting up multifactor authentication ( MFA ) on their Facebook accounts shows a mainstream security-driven culture is starting to gain traction .
Traditionally , security teams worried about the infrastructure – the focus was centralised , everything was under lock and key in your data centre ( or your hosted data centre ) and you knew this was where all of your important data was . The IT sprawl we ’ re seeing means understanding your infrastructure is no longer enough . IT teams must now look beyond infrastructure to try and understand their users : who are the users , where are they , what are they doing , what devices are they on , what assets and services do they need to do their job ? These questions now play a far more important role in protecting data in a modern IT environment ; infrastructure alone can no longer tell you what data you have or where it is .
It ’ s frightening to think that more than half of the CISOs we surveyed recently don ’ t know where all their data is or how it ’ s protected . If your organisation works with sensitive data – whether that ’ s personally identifiable information ( PII ) or PCI data – it ’ s really critical that you don ’ t just understand where your infrastructure is , but you know how your users interact with it , where your data is being stored , how securely it ’ s being stored and whether it can be audited .
Fundamental to this is understanding what assets your organisation has . Assets have changed – we ’ ve moved on from the days of restricted company laptops , staff are now using iPads , working in cafes and want access to data from their personal devices . We are seeing a shift to a Zero Trust access model , but essentially you need to have that overall visibility – of infrastructure , assets , users , data – to give you a true
www . intelligentcxo . com
25