BUSINESS STRATEGY
IMPROVING VISIBILITY IS NOT ABOUT SEEING MORE PROBLEMS THAT YOU CAN ’ T SOLVE BUT SOLVING PROBLEMS BEFORE YOU SEE THEM .
methods of attack , CISOs are balancing on the precipice of losing control of users , data , assets and the ability to protect their infrastructure .
A BlueFort 2022 CISO Survey , which spoke to 600 UK CISOs , revealed the extent of the challenge , stating that many admitted to a lack of visibility , intelligence and control over much of their organisation ’ s estate . Over half ( 57 %) admitted that they do not know where all their data is or how it is protected .
The lack of , or limited visibility , over an organisation ’ s estate is the root cause of many challenges CISOs face . When there is no clear visibility over the IT estate , it is impossible to gain accurate intelligence or have any control over it . When visibility is clear , intelligence can be applied to known elements enabling the implementation of positive controls .
Visibility roadblocks
Many CISOs are familiar with common visibility obstacles , often caused by either information overload or lack of information .
• Information overload : With the plethora of tools available , it would be hard to find a CISO short of information . The vast majority find themselves suffering from information overload ( lots of visibility , but little context ).
• Cloud adoption : Enabling cloud transformation is now a key focus area for UK security leadership . BlueFort ’ s 2022 CISO Survey found that more than half ( 57 %) of CISOs use multiple clouds and 37 % utilise a single cloud environment . Securing the cloud and cloud-based applications must be a priority , yet it remains one of the biggest visibility roadblocks for organisations today .
• Skills gaps : The compounding effects of information overload , high shortage of cybersecurity skills and regulatory compliance burdens , drains the already limited resources allocated to threat detection and response .
• Employee churn : Most CISOs are also losing track of movers , joiners and leavers across the business . This is a common security challenge encountered by organisations resulting in lost data on leavers ’ machines .
• Employee working behaviour : Employees routinely practising insecure working behaviours like connecting to public Wi-Fi and not flagging suspicious or malicious emails only makes the situation worse .
• Changing external threat landscape : Cyberrisks are on the rise . The volume and variety of attacks , especially ransomware , are growing exponentially . According to analysis by The Stack of Common Vulnerabilities and Exposures data ( CVEs ), the number of critical vulnerabilities in 2022 was up by 59 % compared to the previous year .
Moving to intelligence-led visibility
These challenges prevent CISOs from establishing full visibility and control over their IT estate . What ’ s needed is an intelligence-led approach to visibility , one that focuses on gaining insight and context that enables you to identify and prioritise the most important threats facing your business .
This requires a transformational approach , a clear understanding of which bit of visibility you are dealing with and the ability to turn that information into contextual and actionable intelligence .
The goal is for visibility to be organic , removing manual processes and reducing noise to establish visibility of all data , threats , remediation opportunities and effectiveness of existing protection . It is important to remember that improving visibility is not about seeing more problems that you can ’ t solve but solving problems before you see them . While this might sound like an insurmountable task , breaking the journey down into priority-based steps provides a clear building roadmap over time .
• Establish a view of your external attack surface : The first step to gaining true visibility over your organisation ’ s cybersecurity estate is transforming the unknown into the known , identifying what your attack surface looks like to an external threat actor . By adopting an external viewpoint , you can effectively assess your security landscape , identify gaps and determine the most susceptible areas for potential attacks .
• Conduct robust internal testing : Once you have a continuous , automated process for the discovery of the organisation ’ s systems and assets , the next step in the visibility journey is to start actively testing and validating . The aim of this process is to establish key strengths and weaknesses in the attack surface .
• Address and test critical cloud security issues : Cloud security posture management is
26 www . intelligentcxo . com