Intelligent CISO Issue 9 - Page 28

editor’s question BHARAT MISTRY, PRINCIPAL SECURITY STRATEGIST, TREND MICRO T he Chief Information Security Officer (CISO) didn’t even exist as little as five years ago and the role continues to evolve at a rapid pace in response to the changing threat landscape. As security becomes an increasing area of importance in every aspect of business, these are some key things that CISOs must prioritise in 2019. For example, a few years ago, most business units were asking what could be put in the cloud but today the question has entirely shifted to what can’t. There has been a substantial increase in the adoption of cloud technologies, as enterprises move away from traditional data centres to more agile cloud-based platforms. Coupled with this is a cultural change away from siloed development, 28 operations and security teams towards a DevOps culture. Going into 2019, CISOs need to make sure security does not get left behind and guide security teams to develop their operating practices, mind-sets and skillsets. Meanwhile, CISOs will be searching for the next generation of security professionals to support these efforts, with programming skills a core requirement, however this may prove challenging owing to the increasing skills shortage. Of course, we must also acknowledge the GDPR in the room. CISOs can expect further tightening of regulatory pressures going into the new year, and data protection and privacy will continue to dominate boardroom discussions. It’s also likely that The EU’s ePrivacy Regulation (ePR) will to come into play in 2019. This safeguards the confidentiality of any data involved in electronic communications, as well as the devices it came from. It has the same territorial scope as GDPR and carries an identical penalty regime for non-compliance. CISOs will need to ensure that their organisations have the CISOs need to make sure security does not get left behind and guide security teams to develop their operating practices, mind-sets and skillsets. detailed level of understanding and the right processes in order to comply with these continuing regulatory changes. From a threat perspective, CISOs can expect credential stuffing attacks to rise and they will become increasingly difficult to spot. Previously, defenders have been able to spot patterns of multiple failed logins from the same IP address ranges in a short period of time, so have been able to mitigate the threat. However, what we are seeing now is attackers using tools that spread out the requests and can implement ‘low and slow’ approaches to go under the radar. Having the necessary skills in place to deal with these types of attacks will be essential. Additionally, as the use of Machine Learning becomes more prevalent in the defender’s toolkit, attackers will be adopting techniques which evade detection in order to allow their malware to run. We’ve seen instances in 2018 with file-less malware and this theme is set to continue. CISOs should educate their organisations on the benefits of implementing solutions based on Artificial Intelligence (AI), in order to combat this ever more challenging threat landscape. Issue 09 |