Intelligent CISO Issue 13 - Page 62

PLAYING THE LONG GAME: HOW CISOS CAN GET AHEAD

CISOs don’t have an easy job. They’re up against skilled, malicious adversaries and every day has the potential to throw up new challenges. Mike Campfield, Vice President of Security, ExtraHop, offers some advice for modern CISOs on how they can ensure long-term success.

CISOs are not sergeants. They’re generals. Their job is not to fight battles, it’s to win wars. And yet so often, CISOs are torn away from their strategic roles to fight the everyday battles, keeping them from assuming the long-term planning and strategic oversight that the role is made for. When they should be thinking about the future, they’re stuck dealing with the minutiae of the present. Getting ahead of those smaller fires to tackle the larger blaze will first require a change in thinking.

So how do you start getting ready for the long term now?

First, you’ll have to get an idea of where you are now. What can you do well and what do you do poorly? Where do you have visibility and where is the dark space within your environment? And what could you do to harden your attack surface? Importantly, you should know whether you have an easy way to demonstrate your strengths and weaknesses as well as the ability to show progress.

You must also assess how compliance-fit your organisation is. The General Data Protection Regulation (GDPR) came into effect last year and requires compliant organisations to file comprehensive reports to the local regulator, and possibly the data subjects, within 72 hours of a breach. Those who fail to do so may face fines that run higher than €20 million. Figuring out whether you could file that report within the window will be critical to this assessment.

The next question is about how your staff’s effectiveness can improve. Could, for example, better cyberhygiene or monitoring improve your security posture? Moreover, do your staff have access to the data and the skills they need to do their job? If there are barriers, where can they be demolished? Where data is available, could datasets be more complete or made more intelligible to the people using them?

Identifying places and routines that you can automate will be important. Where staff are doing repetitive tasks, you should consider where scripts, integrations, orchestration tools or ticketing systems can be applied to replace those time-consuming manual activities with policy-driven execution.

Finally, you have to get the board – and indeed the whole enterprise – on your side and convince them that these