Five Red Flags You Have a Cyber Security Insights Problem

By Nik Whitfield, CEO, Panaseer

Red flag one: your board, its regulators, and even auditors want continual reporting

Cybersecurity has hit the board-room and above with a splash. In years past it was the CISO and/ or CTRO’s role to come up with a plan, present it to the board, negotiate the budget and come back next year. But in today’s data-driven customer-centric world where the risks have significantly increased ongoing monitoring or updates to the status of the organizational cybersecurity health has become a board topic. It’s no wonder as the backlash of a breach today comes with a significant price tag both financially and to the brand.
Symptoms: A lack of confidence in the data being presented and a gut-wrenching feeling that the data is not really meaningful or useful.

Red flag two: roi is not a ‘nice to have’ but rather measured and expected

In tough financial and economic environments globally, budgets are shrinking. If money is to be spent on security, there needs to be a demonstrable return that the business is recouping in return a level of risk reduction. Every security team is now required (and if you aren’t you will be soon) to show that what they are doing is having an effect and add that every product or solution is being squeezed for an ounce of value.
Symptoms: You haven’t got a view of the coverage of your existing solutions across a trusted device inventory list.

Red flag three: teams spending too much time with their heads in data

If your teams are experiencing any of the following it should be a red flag to you that things are not working to plan:

• You’re spending more time on fighting over data integrity than actually solving the problem
• Teams are challenged with the same time sucking manual problems month on month.
• Results are out of date the moment they are finalized, or you’re pretty sure they are incomplete
• You’ve had to go back the next month and apologize for getting your figures wrong

Symptoms: These are usually pretty obvious, the loudest most often being Security teams complaining about the amount of reporting they have to do

Red flag three: you’ re not quite sure if the basics are getting done

Just know you aren’t alone. Getting the basics done can often be the most challenging part of the security process. When you have tens to hundreds of thousands of devices and often complex environments it can be difficult to keep track.
Organizations of all sizes struggle to keep on top of the almost daily requirement for something to be addressed. But the reality is that most breaches and especially the large ones always come back to the basics such as a missing vulnerability patch or an unsecured server that fell off the radar.
Symptoms: The performance of vulnerability and patching of devices is more guesswork than fact, or the installation, configuration and operational effectiveness of your anti-malware solutions is more folklore than reality.

Red flag four: pam is a dirty word

You will always need to allow people access to systems and sensitive data, but let’s face it, they also represent a vulnerability that attackers can take advantage of. Balancing ease of access with security is a difficult challenge to maintain a safe yet still productive environment. If you aren’t auditing and monitoring these effectively, you could be leaving the keys to the castle on the table. With the complexity in most organizations, it’s hard to identify and reduce the risks, even harder when you have privilege users circumventing specific PAM controls.
Symptoms: Are you sure all ex-employees have had their rights revoked? If the answer is ‘I’m not sure,’ you’ve got yourself a red flag.

If any of these ring true, and especially if more than one is playing havoc with your sanity, it’s time to take a step back as you most likely have an insight problem. You are missing a vital ingredient in your organizational arsenal as true insight can help you face the challenges of security differently. This isn’t about finding yet another new security solution that relies on addressing the FUD approach of firefighting. Instead, how liberating would it be to approach the problem by fireproofing your organization? Actually staying ahead of the game. By leveraging insight, you can know where your weaknesses are, understand your areas of opportunity to reduce the risk within your organization, and have the power to make informed decisions based on fact, not fiction.
That requires a commitment to being truly data-driven and leveraging the data that already exists within your organization, within your existing products and solutions. Combining your security, business, and IT data into a single trusted source, giving it life and a voice by using the right best-practice security metrics and analytics. Automation of this process is not a choice anymore; it’s a must. And finally, it’s about building trust. Working against a single source of trusted data security, risk and IT can work in a single unified direction.

About the Author

Nik Whitfield, CEO, Panaseer. A globally recognized figure in the field of cyber and financial technology, Nik brings direction and leadership to the team, where he applies his phrase #deservetowin daily.