Tech Talk: How CISOs Must Gear for Cybersecurity Challenges in 2023

“Organizations need to continue to improve their security stacks, observability, patching and response processes to more quickly identify issues before they become persistent.”

November 17, 2022

As the chief technology officer at Hyas, Dave Mitchell has the unique ability to identify anomalies in nearly any piece of network traffic that other people can’t see. In fact, he notified several companies with Log4j vulnerabilities before they even knew they were involved, he tells Spiceworks News & Insights’ Technology Editor, Neha Kulkarni.

In this edition of Tech Talk, Mitchell notes that a common but unfortunate cybersecurity approach right now seems to be CISOs waiting for the latest cyber threat to be exposed and then rushing to protect their enterprises. “It’s clear this strategy is not working,” he points out. Mitchell sits down for a discussion with the goal of helping the cybersecurity industry get back to basics and understand how to address their security posture holistically.

Key Points:

  • The cloud is only as secure as you make it, and it requires continuous monitoring
  • Neither artificial intelligence nor machine learning is going to bring a remedy for security
  • More organizations need to move to hardware-based MFA, like FIDO keys

Here are the edited excerpts from our exclusive interview with Dave Mitchell, chief technology officer, Hyas:

Dave Mitchell, CTO, Hyas


SWNI: The COVID-19 pandemic witnessed such a surge in cyberattacks during and after it that both businesses and governments succumbed to it. But as the impacts of cyberattacks are far from over, what major challenges must businesses and governments gear up for next year?

Dave: I believe the challenges remain the same since we’re continually losing to the same attacks over and over. Organizations need to continue to improve their security stacks, observability, patching and response processes to more quickly identify issues before they become persistent.

With the growing number of credential theft attacks via phishing, smishing or malware, I do feel the need for hardware authentication keys (FIDO) is becoming more of a necessity than previously.


SWNI: A common but unfortunate cybersecurity approach right now seems to be CISOs waiting for the latest cyber threat to be exposed and then rushing to protect their enterprises. What precautionary steps can CISOs implement to craft a proactive approach to cybersecurity?

Dave: Great question – I think there are two real issues here. The first is the common reaction to firing a CISO the minute a breach occurs – it’s impossible for a CISO to really deploy security architectures and processes when their average tenure is 18-24 months.

“Secondly, I believe CISOs are overwhelmed by the number of security products in the market offering to save them from all attacks – there is no such product, and it feels like they don’t know what vendors to trust which precludes them from making significant changes.”

SWNI: Let’s talk about cloud security. Reports have found that cloud security gaps continue to decelerate transformation projects. What factors are allowing threat actors to attack vulnerabilities in the cloud infrastructure itself?

Dave: The cloud is no different than running your own datacentre – the same issues apply, just with more complicated authentication and access controls.

“Misconfigurations are the easiest way to leave a door or window open for attack and this seems to be the most used vector.”

The cloud is only as secure as you make it, and it requires continuous monitoring to verify that the controls in place are working.


SWNI: Another factor which rose to prominence with cyberattacks is ransomware demands. In what ways can CISOs look at harnessing the power of AI to improve cyber defenses?

Dave: AI & ML mean everything and nothing at the same time. While I do believe using ML on targeted datasets can uncover interesting anomalies, neither is going to bring about some security panacea.

“Security operators are and will be critical moving forward and require actionable, contextual data to succeed.”

SWNI: With remote work and BYOD, companies and CISOs lack control and visibility in the cloud. How can companies restore secure access, if bad actors are able to gain network access, maybe as the result of a phishing attack?

Dave: Every organization needs a business continuity plan – these plans include all the critical items to restore operations in the event of an emergency, security or otherwise. Backups, both of data and systems/applications and out-of-band access to equipment are just two of the many pieces that go into a real plan.


SWNI: As the technology paradigm continues to shift rapidly, which cybersecurity trends will shape the future of security postures and network access management in 2023 and beyond?

Dave: I believe we’re already at the point where we need a huge paradigm shift, due to the amount of social engineering and phishing attacks proving that our current MFA solutions are not going to suffice.

“I suspect many more organizations will begin moving corporate and production authentication to hardware-based MFA, like FIDO keys.”

In addition, observability across both managed and SaaS infrastructure will become a necessity, as the perimeter is a continually moving target.

About Dave Mitchell
Dave is responsible for the technical vision at HYAS. His experience, as both a team player and entrepreneur, is first class. He helped build and secure web-scale networks, including TWTelecom, Yahoo!, and Twitter. He also founded Singularity Networks, which was acquired by Cisco in 2019.

About HYAS

HYAS is a valued partner and world-leading authority on cyber adversary infrastructure and communication to that infrastructure. We help businesses see more, do more, and understand more about the nature of the threats they face, or don’t even realize they are facing, in real time. Our vision is to be the leading provider of confidence and cybersecurity that today’s businesses need to move forward in an ever-changing data environment.

About Tech Talk

Tech Talk is an interview series that features notable CTOs and senior technology executives from around the world. Join us as we talk to these technology and IT leaders who share their insights and research on data, analytics, and emerging technologies. If you are a tech expert and wish to share your thoughts, write to neha.pradhan@swzd.com

How can the cybersecurity industry address their security posture in the coming years? Share your findings with us on LinkedIn, Facebook, and Twitter.


Neha Pradhan Kulkarni

Technology Editor, Spiceworks Ziff Davis

Neha Pradhan Kulkarni is our Technology Editor. She oversees coverage of IT leadership, digital transformation, cloud, data security, and emerging technologies. Neha is in charge of tech interview series called Tech Talk and Ask the CXO. She has previously worked for Dentsu Aegis Network's iProspect and Ugam. When she is not reading or writing, you can find her traveling to new places, interacting with new people, and engaging in debates. You can reach her at neha.pradhan@swzd.com