What is the role of the Chief Information Security Officer?
Credit to Author: Trend Micro| Date: Mon, 20 Mar 2017 21:48:09 +0000
Are your IT security initiatives manned by an experienced Chief Information Security Officer or led by a supervisor who has little to no cyber security experience?
There's a difference between the two employee types – which we'll describe shortly – and understanding those disparities could be the difference between losing thousands or millions of dollars to cyber criminals.
A recent IBM Security study of 383 organizations, and in 16 industries and 12 countries, found that the total cost of a cyber breach today is $4 million, which is up about 30 percent from 2013. The study also revealed the reason cyber crime costs are climbing is that most breaches come from malicious attacks, which are more expensive to remedy.
As you can see, it's absolutely critical you hire a professional who can lead your IT security team. Without the proper leadership, your firm could be an unfortunate statistic in a future IBM security study. To prevent that from happening, here's what you should know about the importance of developing a strong IT security team, the role of a CISO and how to hire the best one:
1. What happens when you don't have strong cyber security leadership?
Last year was a banner year for cyber security criminals hoping to breach and steal secret data. Before we discuss what to look for in and how to hire a CISO, we need to emphasize the impact a cyber security breach can have on an organization. The harm is especially pronounced if there isn't a strong CISO in charge. The best way to make this point is by looking at the impact cyber criminals and cyber crime had on companies in 2016.
Yahoo's cyber security breach largest in history
Yahoo rolled into last autumn having just been hit with one of the largest cyber breaches in history. In September 2016, Yahoo revealed that cyber criminals had compromised 500 million of its users' accounts. Even worse – if you can imagine – the company also reported that the hack happened two years prior. Let us repeat that: Two. Years. Prior. Not only did Yahoo fail to stop the cyber breach, it also failed to notify users in a timely manner.
Yahoo, of course, isn't the only entity to have experienced a major cyber security breach. In early February, CNN reported that hackers claimed to have penetrated the Department of of Justice's database and released the personal information of 20,00 FBI employees.
Ransomware became a larger player in cyber crime
Ransomware isn't a new cyber threat, but it finally broke out in 2016, and wreaked havoc on systems worldwide. Security Magazine noted that in the second quarter of 2015, professional IT staffers found more than 4 million samples of ransomware. That was up from 1.5 million in the third quarter of 2013.
Ransomware is a malware type that locks a user's electronic device, preventing the owner from accessing its information. The IT criminals typically lock a screen and demand a reward to unlock it. Today, ransomware continues to evolve, and now includes malware such as crypto-ransomware. Using this style of attack, hackers encrypt specific user files, and force that person to pay a ransom in order to obtain the decrypt key.
In our 2017 Security Prediction report, we found that the number of ransomware families surged 400 percent from January 2016 to September 2016. We also predicted that the number of families will rise by 25 percent in 2017, averaging roughly 15 new families per month.
A great CISO will look at the above information, however, and ask: What's next?
In the coming months and years, companies may face an onslaught of new types of ransomware, such as ransomworms. This is ransomware combined with a network worm, noted Corey Nachreiner, CTO of WatchGuard Technologies.
"Now, imagine ransomware attached to a network worm," said Nachreiner, according to CSO. After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach," he said. "Whether or not you want to imagine such a scenario, I guarantee that cyber criminals are already thinking about it."
Cyber criminals have one goal: They want to make money. And the best way to do that is by streamlining processes by using ransomworms.
2. What qualities should your CISO have?
You don't want to hire a CISO who's focused on managing attacks. Instead, you should hire one whose sole focus is stopping cyber criminals in their tracks by closing off holes in your IT infrastructure.
Here are some qualities that all great CISOs have:
- They have experience: These professionals know how to run vulnerability scans, perform web application security assessments, upgrade and update systems and respond to threats with the right tools and procedures.
- They're diplomats: CISOs have the unique responsibility of talking with CEOs and other C-suite executives about everything from the company's cyber security measures to the IT department's funding. They know how to present reports not only to higher-ups but to external stakeholders. And, if a breach occurs, these CISOs know how to work with other departments – such as public relations – to save face.
- They're team builders: The best CISOs can build a cohesive IT security team that works together to solve problems quickly. The fate of the company may rest on their ability to rapidly handle cyber attacks. They educate their staff members about best IT security practices and keep them updated on cyber security trends. We already mentioned ransomware and ransomworms as two types of cyber attacks that are increasing.
- The understand the business: JD Sherry, former VP of technology and solutions at Trend Micro, suggested that CISOs should "understand the business." What does this mean? CISOs understand their company's business and IT security objectives and the overall cyber intelligence industry. They also can identify what kinds of resources they have at their disposal to combat advanced cyber viruses and malware, as well as research how today's cyber criminals are hacking systems.
- They stay ahead of the curve: The best CISOs can put themselves into the mind of a cyber criminal. In doing so, they're able to make well informed guesses about where the cyber security industry is going. This not only helps their companies devote resources to the proper channels, but it also can help them save money by not investing in outdated devices, software and processes.
- They know how to hire: Experienced CISOs know how to effectively build a team of IT security professionals who:
- Are experts in their respective fields.
- Are willing to learn how IT security fits into the company.
- Take initiative and stay educated about IT security happenings.
- Can work with others to solve some of the company's greatest cyber security issues.
These are only six qualities we believe every outstanding CISO has. However, there's a good chance you can think of many more that fit your unique business.
We've covered a lot in this article, but the overriding theme is this: The IT landscape is always shifting and becoming more dangerous with each passing minute. It's often difficult for companies to stay out in front of cyber criminals – who often make it their 24/7 job to hack. That's why it's critical companies not only hire CISOs, they hire the best ones.
If you're unsure of where to start, let this article be your guide – your outline – to a safer future. And don't get overwhelmed. Even if you're a small business, you can still build an IT security team you can be proud of, even if only contains one or two individuals. While a CISO's role in this capacity would be different than one manning a large team at a corporation, his or her responsibilities are still the same: protect the enterprise from cyber crime.
Don't wait any longer. Take a moment today to review your IT security policies, structure and strategies, and get to work building a robust team that can keep you, your employees and your stakeholders safe.