Intelligent CIO Middle East Issue 11 | Page 35

FEATURE: CYBER SECURITY - STAFF & RECRUITMENT SOLVING THE GROWING CYBER SECURITY PROBLEM REQUIRES MORE THAN SKILLED SECURITY PROFESSIONALS. IT REQUIRES A COMBINATION OF PEOPLE, ADVANCED ANALYTICS FOR PROACTIVE THREAT HUNTING, COMPREHENSIVE INTELLIGENCE FOR REAL-TIME THREAT AWARENESS, AND INTEGRATED SECURITY ARCHITECTURES. IN ADVANCED SECURITY ANALYTICS, THE VALUE COMES FROM THE PEOPLE Get a breach plan and advanced cyber security skills: Even firms with mature security organisations and advanced security protocols will experience breaches. Every organisation needs an incident response plan—a plan that maps out in advance and regularly tests against the types of incidents most likely for the firm’s threat model. It is recommended that you clearly define accountability and responsibility for data breach response and that it not be dispersed throughout the company. Create cross-functional teams that include the expertise necessary to rapidly respond to a data breach. Managed services from a trusted security advisor can help you create an incident response plan: one that uses the latest skills, analytics, intelligence, and technology to ensure rapid and effective resolution. Get security on the agenda in the boardroom: When it comes to getting www.intelligentcio.com MIKE WESTON Vice President - Cisco Middle East executives engaged, use high-profile breaches as an opportunity to have a conversation with the board. Describe how that breach can happen in your organisation. Then show them how to address vulnerabilities. Look beyond security professionals for in-house hires. Top-level candidates today come from military or federal enforcement background, corporate technology, and security strategy experience because they have an understanding of the threat environment and bring a strategic mind-set to the table. Consider corporate security professionals who are moving laterally from small to large organizations and IT professionals who have made the move from the infrastructure to the security domain. Choose the right partners: If every company is now a security company, choosing the right partner is paramount. Obtaining the right cyber security partner can help you round out your expertise, so you can be: • More dynamic in your approach to security by benefitting from global best practices and real-time threat intelligence • More proactive in your security posture by using advanced analytics capabilities • More adaptive and innovative than your adversaries by implementing a threat-centric security program that can address the full attack continuum before, during, and after an attack across all attack vectors Keep your security solutions operating at peak performance: Greater use of automation tools not only improves your security posture; it frees your security staff to focus on more strategic initiatives. Turn on more of the security features already integrated into your solutions. Organisations typically turn on only 30% of the security features available to them. And keep your software current. Unpatched or outdated software represents an attractive attack surface for adversaries. This is an exciting time in tech and it’s about to get a whole lot more interesting. Defending against the bad guys has never been as challenging and as rewarding as it is now. Globally, 26% of organisations are facing staffing shortages, and 35% are facing expertise shortages with security jobs growing at 12 times the rate of the overall job market, and three times the rate of general IT. There truly has never been a better time to consider a career in cyber security. INTELLIGENTCIO 35