As more and more businesses move into the Cloud, whether it is AWS or Microsoft Azure, data leakage has become a serious problem. Much of this can be attributed to misconfigurations, usually the fault of the IT Security team that deployed the applications.
Another reason is that end user accounts are being over-privileged. For example, an administrative assistant might be given read, write and execute permissions when all they really need are read and write. Or a Network Administrator is given not only the permissions they need, but also permissions that fall outside of their domain, such as Database Administrator privileges.
With these misconfigurations, data leakages, and the granting of far more permissions than are needed, it is no wonder that online fraud, and even ID Fraud, is becoming rampant in today's Cyber world. Thus calls are now being heard to merge all three of these Cyber specialties into one force:
* Fraud Prevention
* Identity and Access Management
* Cloud Security
Of course, not every business has the manpower or even the financial resources to combine all of these into one force. Before you embark on this herculean feat, your IT Security team needs to address the following questions:
* Despite adopting Multifactor Authentication and other protective measures, are your customers still complaining about the lack of security on your website (especially your online store)?
* Are these complaints and/or concerns causing your overall revenue to fall?
* Is your market growth severely restricted because of an increased level of fraud risk?
* Have your customers ever become victims of Ad Fraud, Online Fraud, or even ID Theft?
* Do you have too many devices from too many different vendors, leading to a sprawl-like effect?
* Does your IT Security team even understand how to take Fraud Prevention services into account?
* Is your IT Security team feeling a strong sense of burnout because of all they have to do? Is your business experiencing a high rate of employee turnover?
If you have answered "Yes" to most of these questions, then it is probably time to bring all three of the Cyber areas mentioned above under one roof. But this is not something to be jumped into quickly; rather, you need to craft a comprehensive plan, using a phased-in approach. Here are some guidelines you can follow to help achieve this:
* What are your Cyber goals and priorities? What is the overall goal and vision? Keep in mind that this is the job of the CISO or the vCISO, not the IT Security team, but the team's input should be sought and seriously considered.
* What is your current budget like? Can it accommodate all three of the Cyber areas being formed into one unit? Also, will your budget be increased if and when needed?
* What extra staffing do you need? If full-time hires are out of the question, can you make do with just contractors?
* Can you use your existing security technologies to bring all three Cyber areas together, or will newer technologies be needed? This is probably best answered by conducting a Risk Assessment, and from there deciding what is needed. Remember, you do not want to expand the attack surface by bringing in many newer technologies and vendors.
Once you have formulated the answers to all of the above questions, the next step is to find the common goals and objectives that will bring all of these areas into one silo.
Remember, you do not have to include all of your IT Security team employees in this, as they are busy and stressed out enough as it is. Rather, all that is probably needed is one or two representatives from each specialization to form this new, siloed team.
Finally, once this proposed new team is in place (at least in theory), it is very important to have buy-in from the upper brass, especially your CISO. From there, it needs to be taken to the rest of the C-Suite and ultimately to the Board of Directors for final approval.
My Thoughts On This:
Trying to get rid of the siloed approach in Cyber has always been a dream, and unfortunately it has never been fully realized. The problem is that many businesses try to rush into this too quickly, without giving much thought to how it will be done. As a result, things fail in the end. Therefore, it is very important to have that plan first, and to use a phased-in approach.
Remember, humans are creatures of habit and don't like change. Trying to create one huge Cyber silo will for sure bring a lot of resistance to change. Therefore, taking well thought out baby steps and going slowly is the best way forward.
Also, in the end, everybody has to be on board for this new effort, especially at the top. Unfortunately, you will not get immediate buy-in from them, and they will have to be poked and prodded to finally go along with the new plans. Keep the discussion focused on how it will impact the bottom line, as that is the only thing they can relate to.
Also, don't hesitate to use AI and ML tools for bringing all of your silos under one roof. They can automate many of the mundane tasks, thus freeing up your staff to focus on the most pressing issues, one of them being maintaining a proactive stance on Cybersecurity and the threat landscape.