Building a Cyber Strategy for Unknown Unknowns
As security professionals, we know a lot of the things we lack visibility into that can cause security issues. That alone is enough to keep your team occupied. But what about the things you don't even know about in the first place?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark , the producer of CISO Series , and Geoff Belknap , CISO, LinkedIn . Joining us is our sponsored guest, Himaja M. otheram, security researcher, Censys .
Preparing for the unknowns in cybersecurity
The very nature of cybersecurity is dealing with uncertainties and unpredictable challenges. So do unknown unknowns actually even exist? "Unknown unknowns are more of a conceptual space that represents, ‘We know we don’t know everything, so expect a little chaos from time to time,'” said Matt Holland from seedata.io . CISOs need practical ways of coping with the reality of not even knowing what might hurt the organization. "Dealing with the unknown unknowns comes down to resiliency. All you can do is prepare as best you can to survive in the face of a determined adversary," said Edwin Covert of Bowhead Specialty .
Fostering a collaborative security culture
A proactive security culture is a great defense against unknown unknowns. Jonathan Waldrop from Insight Global. came up with a great metaphor, "If the security team is the firefighter, then the rest of your company needs to be Smokey The Bear and work to prevent fires." This is where a security culture needs to extend to the whole business, not just the security team. "Get everyone in the org to report things they don’t understand or don’t work as expected. Make sure the security team has the capacity and competence to follow up on all of the reports," said Jovica Ilic of WIM Security GmbH .?
Security needs to think as creatively as threat actors
The realm of cybersecurity is marked by dynamic threats and evolving challenges, often rendering a proactive approach as the best defense. "This is where you want human creativity to be encouraged and have dedicated time to think strategically. Successful strategies are about adding thoughtful perspective," said Rocky DeStefano from RiskOne . Cyber threats are constantly evolving, so you need to give your team a chance to be more than just reactive. "The challenge is to discover the unknown unknowns first and try to improve before they can be used against you," said Andrew Hendela of Karambit.AI .?
Preemptive approaches in cybersecurity
One way to think ahead of threat actors is to actively look at how your security controls can fail. "During a pre-mortem, we challenge ourselves to identify all the ways our proposed security control could fail. This gives us a list of concerns to address as part of our design," said Benjamin Purgason from LinkedIn . Jordan Wigley , field CISO at SimSpace , advocated for the value of real-time simulations. He notes, "The ability to simulate your 'worst day in the office' before it actually happens helps to uncover gaps in playbooks. Then you can be prepared mentally and procedurally to remain calm when it counts most."?
Thanks to Aldo Febro, PhD at Continuant for also being a witting contributor.
Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.
Huge thanks to our sponsor, Censys
Join us TOMORROW, Friday [11-17-23], for "Hacking U.S. Data Privacy"
Join us Friday, November?17, 2023, for?“Hacking U.S. Data Privacy: An hour of critical thinking on dealing with ever changing patchwork of regulations.”
Joining me for this discussion will be:
领英推荐
It all begins at 1 PM ET/10 AM PT on Friday.?We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.
Thanks to our Super Cyber Friday sponsor, Vanta
Cyber Security Headlines - Week in Review
Make sure you?register on YouTube?to join the LIVE "Week In Review" this Friday for?Cyber?Security?Headlines?with?CISO Series?reporter Richard Stroffolino.?We do it this and every Friday at 3:30 PM ET/12:30 PM PT?for a short 20-minute discussion of the week's cyber news. Our guest will be Jay Wilson, CISO, Insurity. Thanks to Sysdig.
Thanks to our Cyber Security Headlines sponsor,?Sysdig
Jump in on these conversations?
"Why do we accept these dumb marketing catch phrases like “air-gapped”?"?(More here)
"How to start classifying data at a company that has never classified data before"?(More here)
"What is your process for creating and releasing new SIEM rules?"?(More here)
Coming up in the weeks ahead?on?Super Cyber Friday?we have:
Save your spot and register for them all now!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
Everything is available at?cisoseries.com.
Interested in sponsorship,?contact me,?David Spark.
CISO ? Founder of WIM Security ? Author
1 年Thank you for including my thoughts on the topic in this episode, David Spark! With the development of AI, I think this topic is going to get on importance for all of us on the blue side of things.
Global Field CISO
1 年Love CISO Series Podcast and listen often
Senior Director @ Fannie Mae | Cybersecurity Leader | Advisory Board Member
1 年I appreciate the quote inclusion in today's episode, David Spark! If anyone wants to talk more in-depth on how I've helped cyber defense and response teams prepare for their "worst day in the office" before an incident actually occurs, reach out anytime. I love to geek out on this topic! ??