Keith and I left the scene like we found it: the two kidnappers dead on the floor, their shotgun up against the wall, and the rope used to tie up Carl Timmons sprawled out on the floor. We tipped off local law enforcement and were gone before they arrived, leaving no trace we were ever there.
Sustained investment in Tactical Strategic Relationships with specific IT/business teams and vendors will therefore help us act faster and contain the damage from the next generation of cyber attacks.
Working with vendors, even vendors that have the best operational and logistical support, introduces risk into your business: risk of breach, inefficiency, or loss or damage to data.
The increasing complexity of technologies, the growing number of failures and attacks, and the increasing dependency on business goals are changing the way we run Security Operations Centers. While bringing business experts into a SOC function might help security professionals align better with the business and set SOC strategy, it will not address all the scalability and agility problems inherent in a SOC.
Regulators and auditors are asking more frequently about organizations’ cybersecurity awareness and cultural programs. The sooner these organizations begin empowering their employees, the sooner they will improve their cybersecurity posture.
When software reaches end of life (EOL), the developer no longer supports that program and releases no further updates. Without updates and bug fixes, this software becomes vulnerable to hackers and cyber criminals.
As our cyber defense focus has shifted, so has the array of potential solutions. The choices we CISOs make in what we buy, and how we buy it, therefore matter. Best of breed may offer capability and expertise unavailable in bundled solutions. As a result, the “good enough” provided by bundled solutions may not be good enough anymore.
In part 2 of this interview with Endre Jarraux Walls, EVP and CISO for Customers Bancorp and Customers Bank, Endre explains what CISOs and fire chiefs have in common and shares his views on zero trust. He has sage advice for anyone looking to get into cybersecurity, and for CISOs in their first 90 days on the job to ensure they have another 5,000.
Alan Levine, CISO at Alcoa (retired) and Advisor; Jason Lewkowicz, Global CISO for Cognizant; Matthew Butkovic, Heinz College of Information Systems and Public Policy at Carnegie Mellon University; and Eris Symms, CISO for Arconic Corporation, collaborated to answer viewer questions from our latest webinar, “The Race to Secure Your Supply Chain”.
While most questions were addressed during the webinar, moderator Alan Levine subsequently provided additional insight. If you missed this webinar or would like to watch it again, you can view it below.
Endre Jarraux Walls is the Executive Vice President and CISO for Customers Bancorp and Customers Bank. His accolades include: a top 40 under 40 leader in the greater Philadelphia region, a top 10 global CISO, and an American Cyber Awards honoree. He received a BS in Information Technology from Capella University in Minnesota and an Accelerated Management Program Certificate from Yale University’s School of Management for Executive Education.
In our third and final interview with Greg Crabb, the Virtual CISO and former CISO and Vice President for the United States Postal Service, he shares the changes he’s seen in cybersecurity during his career and what’s surprised him the most. Greg also explains the 4 C’s of innovation, what’s kept him active during the pandemic, and which family member plans to follow in his footsteps.
In part 2 of this three-part interview, Greg Crabb, Virtual CISO and former CISO and Vice President for the United States Postal Service, discusses how he sees the CISO role evolving. Greg proposes a new title for CISOs, says whom he feels CISOs should report to, and outlines what a CISO should do in their first 90 days on the job. He also shares an interesting story about the event that preceded him joining the US Postal Service.
Greg Crabb is a Virtual CISO and former CISO and Vice President for the United States Postal Service. He is, in fact, a third-generation postal employee. In part 1 of this interview, Greg shares how he got started in the cybersecurity industry 26 years ago, how to keep the business running without compromising security, and which ’80s movie inspired him to get into federal law enforcement.
There is no silver bullet when it comes to preventing ransomware attacks. The best way to thwart an attack is to get back to basics. Require multi-factor authentication. Limit access to the network. Implement a zero-trust policy. Run user training programs. These are not the only steps CISOs should take, but they are necessary for building a secure foundation. Threat actors have banded together for decades to engineer attacks, but now it’s the “good guys’” turn to come together, share knowledge, and create processes to mitigate the risk of a ransomware attack.
Picture this: you’re a CISO at a hospital rushing from meeting to meeting, fielding calls in between, when suddenly you get the call. Bad actors infiltrated your system and are holding your digital assets for ransom. They’re demanding $500,000 or they’ll release your data. Data recovery isn’t your only concern. Many of these systems are literally keeping patients alive. What do you do?
When CISOs can see their organization’s data and track its lateral movement, they significantly mitigate the risk of a cyber attack or data breach. To achieve this level of cyber intelligence, your tools must be able to talk to each other. The same applies to the people in your organization who have access to your data; they must be able to talk to each other. With cyber intelligence, you can visualize the vulnerabilities in your organization. Without it, it is only a matter of time before a threat actor takes advantage of the holes in your network.
The whole organization, not just the security team, needs to know how to respond when a cybersecurity incident occurs. Putting together an incident response plan that’s comprehensive and effective can therefore be a daunting task. Is it easy for management to execute? Is it easy for staff to follow? Do you conduct periodic table-top exercises? When was the last time you ran one? If you’re not sure where to start, or want to refresh your current IR plan, watch this video.
There’s more to information sharing than calling the Feds. You also need to inform your partners in the event of a cybersecurity incident, not just third parties but fourth and fifth parties, too. You need to consider what information to share and how to share it. If your Microsoft Exchange server was exploited, for example, sharing information via email is far from advisable. Information sharing can be especially difficult for smaller organizations that may not have established processes for it. All organizations must establish processes that include information sharing and also demonstrate its value to their employees.
“The show must go on” is not just a famous Queen song or a mantra in showbiz. Whether your network suffers a failed software update, a big storm cuts off your supply chain, or you have a major breach, you must do everything you can to keep the business running. In other words, your organization must be resilient. One aspect of cyber resilience is establishing a business continuity and disaster recovery plan. Perhaps the most important aspect of resiliency, however, is the resiliency of your team. It’s important to keep in mind the impact a major incident can have on your employees, especially in a post-pandemic world.
Since the global pandemic chased everyone indoors, Zoom web meetings have become the new normal. We will figure this out. Eventually.
CISOs somehow maintain a sense of humor, despite the stress and frustration inherent in their jobs. And we’re all better for it.
CISOs have a lot of patience. Patience however is a virtue that can be tested from time to time. As the old saying goes, if you’re not a part of the solution…
Managing vendors, partners and suppliers can be a dirty job. What do soap and your supply chain have in common?
CISOs in higher education have a unique challenge. They must protect their network from hackers, like CISOs in other industries, but there’s a select group of people on college campuses that are even scarier than hackers…