Intelligent CISO Issue 41 | Page 41

EXPERT OPINION

Security is a journey , not a destination : Cybersecurity ’ s past , present and future

Security is a journey , not a destination . Between new technologies , emerging threats and seismic shifts in the cultural landscape , nothing stays static for long . In that spirit , we caught up with
Scott Behm , Keysight Technologies ’ Chief Information Security Officer , to get his take on leading enterprise security teams , how

2020 shook things up and what the future may have in store . i

If we could rewind the clock two years , what could the IT world have done to better prepare for the diversity of risks offered by 2020 ?
2020 did indeed deliver the IT and cybersecurity community a diversity of trials and associated risks .
Defending against increasingly sophisticated threat actors while addressing the people , process and technology challenges associated with enabling effective and secure remote work almost overnight has been interesting . On a positive note , we have all learned new ways to innovate and deliver . In some cases , we have yielded results even better than before .
As they say , hindsight is 20 / 20 . In 2020 , the IT world has proven its resiliency – and overall done well at enabling organisations to get the job done under extreme circumstances .
Many lessons were learned along the way and it most certainly wasn ’ t the same journey for all . Looking forward , a greater focus on scenario planning for unthinkable crises will help us better future-proof our institutions and interests .
If you learned tomorrow that you were the victim of a ransomware attack , what ’ s the first thing you ’ d do ?
As you know , ransomware attacks – if successful – can have a major impact
Scott Behm , Keysight Technologies ’ Chief Information Security Officer
on their intended targets . As such , it is imperative that companies prepare using tabletop exercises , coordinated blind simulations ( making participants believe it is the real thing ) or purple team exercises to test not only their response , but their ability to detect .
At Keysight , if we discovered or otherwise learned that there were indications of a ransomware attack , the SOC Security Operations Centre ( SOC ) would immediately enact the ransomware playbook . The designated incident commander would begin coordinating communications with both responders and business stakeholders .
Concurrently , the SOC would work to understand the scope of the attack so www . intelligentciso . com
41