Back in the early “barnstorming” days of aviation, pilots flew their planes by the seat of their pants, with minimal guidance from gauges or navigation aids. Engine trouble was indicated by smoke from the engine, airspeed was monitored by the wind in the pilot’s hair and navigation was done with dead reckoning using the sun and the stars. As airplanes got more complex, flying higher and faster, gauges and navigation got more sophisticated. Today, pilots fly with “glass panels” and GPS, providing all the information needed to fly the plane in one place, with autopilots that almost fly the plane themselves.
Like pilots, who have the ultimate multi-tasking challenge to minimize unnecessary risks and ensure the safety of their passengers and craft, chief information security officers (CISOs) have to keep their eye on many gauges and instruments to minimize their organization’s cyber risk and protect their most treasured applications and data. Gone are the days of CISOs operating by the seat of their pants. With the stakes high and the sophistication of attackers at unprecedented levels, CISOs need their own cockpit that includes everything they need to manage their operation.
With hundreds of third party vendors connecting to their networks, an increasing number of employees logging in remotely, continuously evolving industry regulations, threats coming from all directions and criminals using more sophisticated tactics than ever before, a CISO’s role has shifted. They can no longer approach cyber security from a technical standpoint, deploying one siloed solution after another and only speaking in terms of zero days and firewalls. Today’s CISOs are being held accountable by other C-level executives and boards of directors to approach cyber security from a viewpoint that they understand – risk. According to a recent survey conducted by Osterman Research, cyber risks were the highest priority among board members compared to other risks, such as financial, legal, regulatory and competitive risks.
To overcome the latest cyber security challenges and implement a risk-based approach to cyber security, CISOs need a fully equipped cockpit. They not only need dashboards to understand the company’s current state of affairs but also the levers and switches to take action to reduce risk. They need to see threats coming from outside criminals, internal employees and third party vendors, and marry those threats with associated vulnerabilities that may lead to a compromise of their most valued assets. They must facilitate the communication between incident responders and line-of-business application owners to ensure that the most severe alerts are on the top of the priority list for investigation and that the most critical vulnerabilities within their most valued assets are patched first. CISOs must report their progress and challenges to the board of directors in a language they can understand and present metrics that center around impact to the business.