Chief information security officers (CISOs) play an essential and strategic role in protecting their organisations from cyberattacks that could be costly and damaging. Understanding the various tools and technologies that can combine with cultural traits to create a strong security posture is crucial for any CISO to be successful. However, CISOs tend not to operate with unlimited budgets, so a key challenge is to determine which of the existing and new or emerging technologies to invest in for best results. The increasing complexity of this landscape has led to a cyber arms race that CISOs must win to stay ahead of cyberattackers, according to Wavelink, a Fortinet distributor.
Ilan Rubin, managing director, Wavelink, said, “Ultimately, CISOs must determine what their organisation’s security goals are, including the organisation’s risk profile and appetite, and, of course, their budget. Then, they can start to consider which tools to add to their arsenal to combat the ever-increasing threat of cyberattacks.”
The key weapon in the cyber arms race right now is automation, largely driven by artificial intelligence (AI). In a security solution context, AI leverages threat intelligence and big data to fuel machine learning that speeds up security-related decision-making and threat remediation. Most cybersecurity tools are now powered by AI so the question for CISOs when choosing a solution is whether the AI is based on high-quality, accurate threat intelligence.
Ilan Rubin said, “The arms race is occurring because cyberattackers are also using AI-driven solutions. This means using AI to defend against these attacks is no longer optional. Attacks are getting faster and smarter, so it’s important to have an AI security tool that uses actionable intelligence to make decisions and act in a timely manner.”
The efficacy of an AI solution depends on the quality and timeliness the threat intelligence uses to make decisions. It also needs to be deployed in the right area. For example, email is a significant attack vector, so solutions that protect against email-borne threats and use behaviour analysis techniques are more likely to deliver a strong return on investment.
Protection, detection, and response are three key elements of a strong cybersecurity posture, and all can benefit from AI. With attacks happening at cyberspeed, it’s essential to reduce manual processes so that organisations can fight back on a level playing field.
Wavelink has identified four ways CISOs can look to come out on top in the cyber arms race:
1. Invest in digital innovation: AI can augment human security teams and exponentially increase their effectiveness, letting IT teams focus on deploying essential technologies at speed and scale.
2. Choose tools that flatten the learning curve: getting junior IT security professionals up to speed quickly requires CISOs to choose technologies that are simple and user friendly. Leveraging next-generation cybersecurity tools that incorporate automation lets junior staff become effective sooner, freeing up senior staff members to focus on high-value initiatives.
3. Reduce siloes: the more siloes in an organisation, the more complex and challenging it becomes to protect them all. Deploying tens of different security solutions and technologies makes it impossible to correlate events and execute a consistent and coordinated response to threats. Reducing these siloes will reduce risk and make it easier to secure the organisation.
4. Build trust in automated solutions: trusting automated solutions takes time and requires an understanding of the algorithms and machine learning that underpin automation. CISOs should choose proven solutions based on extensive training. These solutions should limit the number of false positives and prevent the human security team from being alerted every time a suspicious event occurs. This frees them up to focus on genuine threats and will build confidence over time that threats aren’t being missed.
Ilan Rubin said, “Automation is essential for a modern security posture; however, it’s important for CISOs to strike a balance between overconfidence and fear. Organisations can benefit from automating where appropriate and keeping human security professionals involved in high-stakes areas. This can help CISOs make the most of the resources available to them, protect the organisation effectively, and, ultimately, stay ahead of their adversaries in the cyber arms race.”