“When it comes to the cyber threat actor, 2022 was a year much like any other. They continued to evolve — to automate more and use more sophisticated methods. Unfortunately, when it comes to cybersecurity, the last three years stand out. Yes, the region’s security professionals played the usual parallel game of catch-up to the threat actors’ rapid evolution, but changes to their own IT environments have tied SOCs’ hands more than usual. They no longer protect simple, on-premises environments. The cloud, third-party services, shadow IT, and more, plague cybersecurity professionals to an alarming degree,” commented Paul Baird, CTSO at Qualys.

Against this backdrop, below are the seven predictions that Qualys believes will shape the threat landscape in 2023.

More accountability for CISOs

CISOs’ repeated calls for more investment in the security will finally be heard and the role will be granted more autonomy, but at a price. Organizations will expect their security leaders to justify expenditures, actions, strategy, policies, KPIs, and more.

Machine learning will combat alert fatigue and SOC burnout

Threat actors automate and have become more effective because of it, but the security professionals tasked with stopping them are complaining that they do not have the tools to do so. Basic endpoint detection and response (EDR) is insufficient to dial down the noise and allow SecOps teams to zero in on genuine threats and boost morale. Advanced machine-learning-powered analytics is the answer, and in 2023 it will play a bigger role as highly regulated industries try to address their cybersecurity talent shortages.

More support for neurodiversity

The region has made some important steps in diversity and inclusion, with most having concentrated on gender and people of determination. In 2023, a significant leap can be made in closing talent gaps if organizations look to neurodiversity. Studies strongly suggest neurodivergent individuals gravitate towards more technical, insular roles, avoiding managerial positions or those that involve public speaking or customer contact. As soft skills become increasingly important, and skills shortages persist, it will be necessary to address neurodiversity by training managers to recognize it and support each team member properly. If not, recruiters will have to hire CISOs for their soft skills, but they may lack technical experience, and will also be unfamiliar with the digital environment they inherit.

More focus on supply-chain risks

This year, CISOs must look to the SBOM (software bill of materials) to understand all the elements of the technology stack and their dependencies. Some of these will be deployed and maintained by third parties and can be weak points even for organizations with robust security postures. The supply chain must now be seen as integral to cybersecurity strategy, and if necessary, enterprises must support their suppliers in reaching higher levels of maturity. The SBOM will be an indispensable tool in understanding the chain, the gaps that must be plugged in, and who must plug them.

The post Qualys Shines Spotlight on Need for CISO Accountability as Part of Company’s 2023 Predictions for the Security Industry appeared first on The Integrator.

The biggest shifts for CISOs in terms of their role in a business in the last 3 years

In recent years, the role of the CISO has shifted dramatically. With the rise of cyber attacks, CISOs are now expected not only to protect data, but also to be proactive in identifying and preventing potential threats. In addition, CISOs are now often tasked with developing and implementing security strategies for the entire organization, not just the IT department. With the ever-changing cybersecurity landscape, CISOs must continuously adapt their strategies to stay ahead of the curve.

A decade ago, those who are now referred to as “CISOs” were not considered nearly as important as they are today. Quite often, at the time, they got answers such as, “Can’t you see I’m working?” or, “Oh no, not you again!” Today, the same people get a dedicated seat in that same boardroom. And, many CEOs ask them important questions, valuing their response. These questions actually call for answers, and perhaps the most amazing change is in the tone that is now used. “Can you provide insight into whether or not we can buy this company?” or “If you wouldn’t mind, can you prepare metrics regarding our cyber posture to present to our stakeholders next week”? The newly regarded CISO gets a budget, a team, and the right to directly recruit. Sometimes even, the voice of the CISO prevails over other long-standing professionals established on the upper floor. In fact, over the last few years, the teleworking policy, the collaborative database, legal reporting, and even the development roadmaps of innovative core applications have been placed under their direct leadership.

The shift in the role of the CISO from an operations focus

In recent years, there has been a shift in the role of the CISO from an operations focus to a strategic one. This is due to the increase in demands placed on CISOs to protect organizations from cyber threats. In order to be successful, CISOs must now have a deep understanding of the business, its risks, and its goals. They must also be able to build and maintain relationships with key stakeholders.

One example is that the board wants more than just a service-level agreement on security incident response. Instead, they are looking for a protection-level agreement to ensure digital assets are continuously patched and protected to proactively react to cyber incidents that may cause business disruption.

Gradually, the CISO has become more involved in the decision-making processes. Almost systematically now, when innovation is involved, the CISO’s voice makes a difference. And that difference is not about saying no all the time. Rather than speaking from the voice of “Mister No” the CISO has turned into a source of inspiration for innovation, rallying data analysts and software developers under the same banner of secure operations development. In order to do so, the CISO and their team have initiated a healthy dialog between production, marketing, finance, and even HR and Legal. As a consequence, this has shifted the focus from bits and bytes language towards more business-oriented notions such as risk, market footprint, and compliance.

Important strategies for CISOs in 2023

CISOs should always keep in mind the importance of strategy when demonstrating business value. This means considering both the short- and long-term effects of decisions, and making choices that will benefit the company as a whole. In the short term, it may be tempting to cut corners or take shortcuts, but doing so could jeopardize the company’s security in the long run. It’s crucial to remember that the goal is to protect the organization’s data and assets, not just to save money. An effective way to demonstrate business value is to understand the “kill chain” of a business. Most CISOs are very familiar with the technical concept of the cyber kill chain in cybersecurity, but it’s important to also understand the impact a cyber attack can have on critical operations and the revenue or reputation loss that may result from it. CISOs should keep the assets or data being protected top of mind, ensuring they are prioritized according to the business value kill chain. Place a higher focus on risk management tools for assets and data that have a critical impact on business operations.

The CISO should keep in mind a holistic approach when considering the benefits of the solutions. When discussing secure access, for instance, the deployment of authentication technologies could seem like a change of behavior in the eyes of users who are only exposed to VPN once a day. However, the overall benefit of a whole infrastructure dynamically protected by a holistic ZTNA strategy is far superior to securing the session, the application, or the segment. The CISO must be fluent in articulating these benefits and expressing them in terms of risks so that the stakeholders understand that the pros outweigh the cons.

New roles “expected” of CISOs in today’s organizations

The role of the CISO has evolved and expanded to meet the ever-changing needs of organizations. Today, CISOs are expected not only to be technically savvy but also strategic thinkers who can help organizations navigate the complex cybersecurity landscape.

In addition to traditional CISO responsibilities such as developing and implementing security policies and procedures, CISOs are also expected to have a deep understanding of business operations and objectives. They need to be able to align their security strategies with the goals of the organization and create programs that effectively protect against cyber threats. As the cybersecurity landscape continues to evolve, so too will the role of the CISO. Organizations will continue to expect CISOs to be innovative and adaptable leaders who can help them stay one step ahead of the latest cyber threats.

In today’s organizations, it is important for CISOs to serve as a leader of change rather than a manager of technology. Digital transformation is such a big wave that the successful deployment of advanced cybersecurity solutions involves the entire company, all employees included. The human dimension of the role is a key success factor when you consider that 60% of transformation projects continue to fail for having underestimated the user adoption aspect. Policies that change the way people work, such as teleworking, ZTNA, or DevOps need to be explained before they are enforced. Explaining the why of cybersecurity becomes just as important as implementing the how.

The post The Changing Nature of the CISO in 2023 appeared first on The Integrator.

Digital transformation is seen as a big investment but is becoming a prerequisite for survival in the current and future landscape. Businesses are now more reliant on digital infrastructure than ever – with many organizations completely dependent on their IT systems and the data being generated, which is their IP. With data being viewed as the “new currency” today, it is vital to protect its integrity. A Modern Data Protection solution ensuring the backup, recovery, and management of critical data is essential.

Mohamad Rizk, Senior Director, Technical Sales – ME, Veeam

The Veeam Ransomware Trends Report 2022, reveals the extent of vulnerability of businesses when it comes to ransomware defense. 72% of organizations had partial or complete attacks on their backup repositories, dramatically impacting the ability to recover data without paying the ransom. Cybercriminals are successfully encrypting an average of 47% of production data and victims are only able to recover 69% of impacted data! 76% of organizations also admit to paying ransomware criminals.

Security Weaknesses

Although organizations in the Middle East, in general, spend a lot on security technologies, there is a huge gap when it comes to planning and executing a security strategy. This mainly boils down to the complexity of the IT environment. The region is risk-averse when it comes to adopting cloud technologies and there are still a lot of legacy systems. Protecting these complicated environments is a big challenge and becomes even more so in the transition phase of moving to the cloud.

Pillars of a Robust Security Strategy

Regional CISOs need to have a stringent security plan in place which includes important elements like stress testing of IT Systems, backup, a disaster recovery plan, and educating employees:

Stress Testing of IT Systems

If stress testing of data, people, and processes is not done at regular intervals, ideally once a month, then the business is being put at significant risk. There are a few reasons for the lack of testing. One is that organizations do not have the correct software and processes in place. The second, as mentioned earlier, is that organizations still have legacy disparate systems, which increases the complexities of testing so many different parts. The fear of failure is what causes people not to stress test to the level that they should.

Backup – Immutability is key

Every admin should have a backup. This principle works for any virtual environment; regardless of the hypervisor, you are running (VMware, Hyper-V, or whatever). One of the timeless rules that can effectively address any failure scenario is called the 3-2-1 backup rule. Veeam has upgraded this to the 3-2-1-1-0 rule. This upgraded rule gives incredible versatility by going the extra mile:

• There should be 3 copies of data
• On 2 different media
• With 1 copy being off-site
• With 1 copy being offline, air-gapped, or immutable
• And, 0 errors with SureBackup recovery verification

Disaster Recovery

Enterprises produce huge volumes of employee, customer, and corporate data, of which they are the trusted custodians. Given the growing importance of personal data, organizations have a broader societal responsibility to ensure their systems are fully recoverable at all times. While IT departments have a crucial role to play here, business leaders also need to truly buy in to the importance of Disaster Recovery (DR). A good DR strategy should encompass a documented process that has been tested. DR testing needs to be stringent – looking at every possible eventuality and preparing an appropriate response.

Employee Education

Without creating awareness and providing a deeper understanding of best practices through cyber literacy, any threat mitigation tool is rendered useless. It is imperative to educate employees and ensure they practice impeccable digital hygiene.

If organizations in the Middle East follow the above pillars of a sound security strategy, then they would have taken care of a very important piece of the digital transformation puzzle.

The post A Good Security Strategy Against Ransomware is at the Heart of Digital Transformation appeared first on The Integrator.

“The cybersecurity challenges facing our enterprise customers today are getting increasingly complex with a threat landscape that is rapidly evolving,” Ken Xie, founder, chairman of the board and chief executive officer at Fortinet. “With Phil’s extensive background working at the National Security Agency and with the Defense Department he brings incredible insight on the technologies, threat landscape and partnerships needed to deliver the most effective approaches to data security. He is a strong addition to our executive leadership team and will be focused on safeguarding Fortinet’s information technology and assets, expanding our strategic national programs, as well as serving as a trusted advisor to our C-Level enterprise customers.”

Quade brings more than three decades of cybersecurity and networking experience working across foreign, government, critical infrastructure and commercial industry sectors at the National Security Agency (NSA) at the highest levels of the White House and Congress. Prior to Fortinet, Quade was the NSA Director’s Special Assistant for Cyber and Chief of the NSA Cyber Task Force with responsibility for the White House relationship in Cyber.

Previously, he served as the Chief Operating Officer of the Information Assurance Directorate at the NSA, managing day-to-day operations, strategy, planning, integration, and relationships in cybersecurity. Prior, Quade served as the head of the Information Operations Technology Center’s Advanced Technology Group, as a professional staffer to the U.S. Senate, and at the Office of the Director for National Intelligence. Additional assignments that Quade held at the NSA include computer and network security evaluator, cryptanalyst and policy management.

In his new role as Fortinet’s CISO, Quade will leverage his considerable experience in managing diverse and complex cyber strategies solutions with global intelligence and partnerships to ensure that both Fortinet and its global customers have the most effective, broad security postures.

“Bringing together the right mix of technology, threat intelligence risk management and partnerships to protect global information and assets is my passion. Fortinet’s Security Fabric vision aligns perfectly to what it takes to deliver an end-to-end, intelligent, scalable, and integrated security architecture for today’s digital economy,” said Quade. “I am thrilled to join Fortinet’s leadership team and contribute to its vision, both in leading our internal information security efforts as well as providing strategic guidance and programs to help safeguard our global customers.”

The post Fortinet appoints Phil Quade as CISO appeared first on The Integrator.