Monday, May 26, 2025

How Being Cyber Rigid Can Cost You Dearly

In the world of Cybersecurity today, having a plan of action not only to put out security breaches but also to restore mission-critical operations afterwards is an absolute must. After all, in the end, you do not want to lose customers or, even more importantly, your brand reputation. You need to have your documents in place, such as the Incident Response, Disaster Recovery, and Business Continuity plans.

You will always hear that it is also of paramount importance to keep rehearsing and practicing. But in the end, this can lead to something that you do not want: rigidity, at a time when you need fluidity to keep up with the ever-changing Cyber Threat Landscape.

How does one break away from this mold?  Here are some tips to help with this:

1) Do not become overly obsessed:

The CISO very often thinks that just because they have a set of procedures and documents to follow, all will be good if they are hit with a security breach. But keep in mind that each threat variant is different from the next, and from those seen in the past. The plans that you have created and worked so hard on may not hold true as a result. While it is important that you have them, and keep practicing them, you and your IT Security team should not be locked into the procedures. Yes, have them, but use them only as a baseline, and keep an open mind as to what you could be facing out there as well. In other words: having an impressive set of procedures and protocols does not always equal protection. A close analogy is having too many security tools. More may seem better, but this is not the case, as each additional tool only increases your attack surface that much more.

2) The C-Suite:

Yes, everybody loves to blame the IT department for anything and everything that can go wrong. But once again, this is another huge error in thinking. The IT Security team cannot be held accountable for each and every thing that happens. In other words, there must be accountability at other levels as well. What I am talking about here is the C-Suite. If a security breach does happen, they need to remain cool and collected to figure out how to combat it. Once there is clear leadership and logic prevails, everybody else, all the way down the employee ladder, will follow suit. Remember, in the end, if you are hit by a security breach, panic will not help at all; rather, a steady and guiding hand from the top is what will be needed the most.

3) Simplicity:

Today, many businesses rely upon what are known as Playbooks. These are now powered by Generative AI and are automatically triggered to contain a security breach if one does indeed happen. But there is no need to have millions of them. Rather, create and keep the ones that you think you will need the most, and use those as a baseline. In other words, there is no need to fill in all the blanks. Leave a few open so that you can be flexible and open-minded when responding to a particular threat variant. Also remember to count on your training and instinct when you respond.

4) Psychology:

There is yet another error in thinking: that a threat variant will only impact the digital assets that have been targeted. While this is true to a certain extent, remember that there are other victims as well, such as your employees, other key stakeholders, and, even more importantly, your customers. Your IT Security team needs to keep this in the back of their minds as they put out a security breach. Yes, this creates more pressure, but if you have great leadership from the top, people will think with a logical mind. To put it another way, this is where keeping a proactive mindset is an absolute must, and it will pay huge dividends in the end.

5) Reality:

One of the best ways to keep your IT Security team in that initiative-taking mindset is to train them on a regular basis with real-world security scenarios. I am not just talking about security awareness training. I mean putting them through the real grind of what is out there. You can even make use of Generative AI to create these types and kinds of scenarios as well.

My Thoughts on This:

This all comes down to what is known as "Cyber Resiliency". Many people define it in different ways; a useful picture is a rubber band. Your IT Security team must be able to flex and bend that much and still have the ability to come back to a state of normalcy, whatever the situation may be. One other great way to maintain that initiative-taking mindset is to model potential threat variants not on past breach profiles, but rather on what is known as "Synthetic Data".

This is where you use one or more Generative AI models to create what is known as "Fake Data" to accomplish this task easily. Also, get rid of the siloed approach. Working together as a team is also what matters most in the Cyber world of today.
