Building a trustworthy team can help CSOs get a good night’s rest, says Morey Haber

News Desk

In light of the increasing cyber threats in the Middle East and around the world, TECHx spoke with several experienced CSOs/CISOs to learn more about the strategies their organizations have used to combat these attacks. Morey Haber, Chief Security Officer at BeyondTrust, is featured first in the series. Continue reading to learn more about how BeyondTrust is addressing growing cyber risks.

TECHx: In your conversations with customers, what are the most pressing cybersecurity concerns facing today’s organizations?

Morey: The most pressing cyber security concerns facing organizations today are the rapidly evolving threat landscape in the cloud and attacks targeting assets that are no longer secured by a perimeter defense strategy.

Organizations have become truly interconnected in the last decade and almost every asset has some communication path to the cloud for software updates, development, or as a part of its strategic operations and workflow. This includes servers, databases, and even end users working from home. The protection of these assets and their workflows has garnered strategies like Zero Trust and raised premiums on cyber insurance with little progress on solutions and methodologies for simple and effective mitigation.

These changes have become the biggest issues for organizations today with multiple paths, products, and guidance available based on the diversity of digital transformations.

TECHx: What are some of the best cybersecurity practices your company has adopted to ensure not only a secure working environment but also a simplified adoption process?

Morey: My organization has adopted several cybersecurity best practices for securing on-premises, cloud, and work-from-anywhere initiatives:

· Standardized vendor security questionnaires and audits for all third-party organizations

· Required MFA for all cloud-based solutions coupled with SSO

· MDR, EDR, and Least Privileged for all corporate assets

· Automated vulnerability and patch management

· Web content inspection for end users including websites, emails, and file transfers

· Privileged access management for privileged sessions and password management

In fairness, these are only a few of the best practices we have adopted, but they are critical to mitigation within any organization.

TECHx: Hybrid work culture is now a reality; how are you protecting your remote workforce from potential cyber threats?

Morey: BeyondTrust has developed, implemented, and tested a five-step approach to endpoint security that serves as the basis for our remote workforce cyber threat strategy. In essence, the 5 steps are:

· Detect and prevent known malware

· Remove excessive end-user privileges and stop zero-day attacks

· Use pragmatic app control and block malicious code

· Continuously monitor for harmful activity

· Apply additional lockdown based on end-user cases

It is important to note that this strategy has been fully implemented for the last three years at BeyondTrust.

TECHx: The human factor remains one of the most serious threats to an organization’s cybersecurity; in light of this, what kind of security training should employees receive?

Morey: At a very minimum, all employees should receive annual cyber security training and this should be mandatory for all new hires within 30 days of employment. In addition, continuous training should be implemented using techniques like simulated phishing campaigns to ensure employees stay vigilant against cyber security attacks.

TECHx: What is the best and most immediate strategy for CSOs/CISOs to implement if a data breach occurs in their organization?

Morey: All CSOs and CISOs should have an Incident Response (IR) plan that is tested on a periodic and frequent basis to ensure a consistent response to a breach. Key details in the plan should include:

· Templates for customer, investor, and press communications

· Legal notifications and response to a cyber insurance carrier

· A third-party forensic organization that is independent of the insurance company

· SLAs for notification and cleanup

· Backup and restoration strategy

TECHx: What do you consider to be the most important skills of a modern CSO/CISO?

Morey: The most important skills of a modern CSO/CISO include:

· Honesty – be honest with yourself and the organization regarding the current cyber security risk your organization faces

· Reliability – be reliable to your employees and the deliverables promised

· Ownership – take ownership of the risk and do not pass the blame

· Trust – team members trust you for escalations and communications to stay confidential and transparent when dealing with issues

· Technical – CSOs/CISOs do not need to be the most technical and “in the weeds” individuals. They do have to understand risk and how to navigate the organization in order to mitigate the threats

TECHx: What advice or tips would you give to other CSOs/CISOs in light of the current global cybersecurity landscape?

Morey: Jokingly – “sleep is overrated” but you can get a good night’s rest by building a trustworthy team that can help manage the threats. CISOs/CSOs tend to bear the burden all by themselves and that is a mistake. Communications and appropriate knowledge of risk are key to a CSO/CISO’s longevity, health, and success of the business to mitigate risks.

