Are we done playing defensive yet?
The CISO who creates security by design

Unsurprisingly, when we think of cybersecurity, most of us only think of defensive measures. Especially at the edge and for consumer IoT devices, cybersecurity is mainly defensive. While it is great to have defensive tactics in place, it is proactive cybersecurity that will keep us secure in the present environment. Cybercrime is expected to skyrocket in the next few years, per the article based on the World Economic Forum Annual Meeting. Truth be told, cybersecurity is everybody’s responsibility. It is important to get full transparency about cyber risk and the ways to manage it proactively to protect yourself, your identity, your assets, and your business. But who can educate us about proactive cybersecurity design principles grounded in modern practices?

(Figure: Proactive security by design)

Enter the IronMan/IronWoman, aka the modern-day CISO and/or the MSSP focused on security by design. Their first step is to bring together people, processes, and technology to design cyber hygiene, layered authentication, and a holistic security posture. What risk management principles are they using to defend their environments? What are they facing in the SOC in 2024? How are they earning trust for their security design from business stakeholders and customers?

In 2024, the CISO and the MSSP are having to consider:

  1. Keeping abreast of governance, risk management and compliance requirements, as well as the established security frameworks prescribed by governmental, regional and industry bodies
  2. Tackling the imminent threats that continue to exist as history repeats itself in peculiar ways, with interesting twists in the modern threat landscape
  3. Addressing the fact that AI is progressively embedded in both cybercrime and cybersecurity
  4. What is at stake, in terms of the monetary value of business risks or initiatives; read the article here about the World Economic Forum’s estimates for the present and future impact of cybercrime

Globally, business needs related to confidentiality, integrity and availability demand increased vigilance. It is about going back to the drawing board to seek better innovation and the latest technology. The modern CISO/MSSP is leading this exercise. No longer do we wait until a zero-day attack actually happens! While the CISO is enjoying an elevated status, he/she is also charged with proactive reporting and management of the business’s cybersecurity posture. It is a prerequisite to design to governance norms with clear compliance requirements, so that the board can understand potential cyber threats. The CISO is leading their business directors to exercise care and diligence with regard to data breaches and to be proactive toward information security for the sake of both the company and its customers.

To get everybody on the same page and to set the stage for constructive dialogue regarding cyber resilience and growth, the CISO needs data-driven, actionable insights to inform design decisions and continuous improvement. There are two important perspectives:

(Figure: Security Posture)

Security Posture Design - the current cybersecurity posture, including response and resilience metrics, directly related to business continuity and disaster recovery

  • Designing around the mission-critical teams and business areas driving the greatest risk for the company (the crown jewels)
  • An assessment of the company’s compliance status for each business area, based on the CIS/NIST/ISO critical control frameworks as well as industry- and geography-specific norms
  • The latest updates and efficacy metrics related to incident response (IR) preparedness, and the historic frequency and severity of cyberattacks
  • Threat assessment of third-party vendor management and security across engineering, IT and DevOps (including RTOs and RPOs)

(Figure: Cyberthreat Landscape)

Designing to keep an eye out - industry intelligence on the potential and recognized cyberthreat landscape, including industry-specific attack trends.

  • Significant and recent incidents and breaches in peer organizations with the potential to target and impact your business
  • Industry best-practice security frameworks with regard to new threats, identifying existing gaps with regard to zero-day possibilities
  • Industry-relevant security awareness, training and best practices for employees
  • Industry-specific simulated phishing and pen-testing exercises

By bringing together people, processes and technology to focus on the right metrics, the CISO or the security practitioner can create a design-based and effective security program that earns the trust of their prospects, stakeholders and customers, as well as protecting the organization's assets and reputation.

Yes, a pro-active approach to cybersecurity and optimum investments are a must for any organisation.

