whether their security teams are challenged by a constant state of emergency response. If so, this situation must be addressed with great urgency. Here are five things that CISOs can do that will have an impact:
* Improve security hygiene and posture management,
* Segment networks to reduce the attack surface,
* Capture the actions taken by experienced security professionals and turn them into formal automated security processes,
* Operationalise the MITRE ATT&CK framework to guide activities like security engineering, testing, and alert triage, and
* Augment overworked staff with help from security service providers.
Yes, I realise these are obvious options, but security professionals keep telling ESG that dealing with emergencies is one of their biggest security challenges year after year. I can only conclude then that organisations aren’t making the right decisions or aren’t even trying.
As the famous quote attributed to Albert Einstein states, ‘the definition of insanity is doing the same thing over and over again and expecting different results.’ If we subject security teams to a life of constant firefighting when there remain changes to be made that will help, we deserve to be hacked.