Cutting Edge and Back to Basics: CISO Perspectives on the Current Cybersecurity Environment

Cloudforce always aims to stay current on the latest emerging tech and services that Microsoft has to offer, so our Champions Department constantly has its ear to the ground for the next training session or conference. In March, Microsoft held its latest conference – Microsoft Secure. As you can guess by the title, this conference focused on how Microsoft can enhance the security posture of those who use its products (Microsoft 365, Azure, and all related services). With how quickly businesses have recently accepted cloud adoption (Microsoft 365 – Microsoft Adoption and Microsoft Cloud Adoption Framework for Azure), it shouldn’t be a surprise that malicious actors have kept pace.

Over the last two years, password attacks have increased from 579 to 1,287 per second. Currently, once an attacker makes it inside your environment, it takes only about two hours for them to move across your network. The cost of dealing with these incidents hasn’t slowed down either – in 2022, companies wound up spending about $4.35 million per breach.

It isn’t all doom and gloom, though, as during the session, “How Do Executive Leaders Make Big Security Bets for Their Businesses?,” Bret Arsenault, Corporate Vice President and Chief Information Security Officer (CISO) at Microsoft, and Emma Smith, Cyber Security, Technology Assurance and Strategy Director of Vodafone, discussed their current cybersecurity approaches. It should go without saying that organizations of this size are under constant threat and failure to institute proper security policy would undoubtedly lead to a successful cyberattack at some point.

Even for companies not the size of Microsoft or Vodafone, these concerns are universal:

  • Ransomware
  • Balancing security expenditures during times of economic uncertainty
  • Dealing with emerging cybersecurity regulations that change regularly

The “Brilliant Basics,” as Bret called them, are nothing short of that – security fundamentals that consistently raise the functional level of your security stance and help you deal with the abovementioned issues. Cloudforce is often brought in to assist with security audits, and from personal experience I can tell you that a majority of the audit topics are focused on these fundamentals (regardless of compliance or the governing body that the audit is issued from).

The basics that no company should ever let up on are:

  • Routine patching of systems
    • Servers, appliances, workstations, laptops and mobile devices – be wary of the devices joining your network
    • “Downtime is an inconvenience” is not a valid excuse
    • Vendors across the board usually supply these at no extra cost – you’ve already paid for them
  • Enforcing complex password requirements and multi-factor authentication (MFA) as a minimum baseline
    • Attackers are already executing attacks on MFA, so if your company doesn’t have it rolled out yet, you are really three steps behind
    • The next step in this fight is relying on biometrics – fingerprint or facial recognition for both mobile devices and computers (Windows Hello)
  • User knowledge
    • Your policies are only as good as your people’s understanding of security measures
    • Run routine trainings
  • Hardening of your overall security stance
    • If you accept the bare minimum, it means that there will be people not even doing the minimum
    • Spending on security platforms and services now is an investment against that possible $4.35 million breach bill
    • Turn away requests for exceptions

Being able to better handle all of these topics is where the cutting-edge part comes in. AI and machine learning are hot topics everywhere right now, but in the security realm they mean this: the ingestion and processing of more data. If you were to manually check systems for patch levels or try to figure out which connections to your network are valid, it would take ages, and human error is always a concern.

As security platforms like Microsoft Defender and Sentinel continue to improve at these data ingestion and processing tasks, they help shift companies from a reactive to a preventative stance. Often, we put security measures in place and wait for something to happen. With advancing AI and machine learning, systems are constantly analyzing more data and adjusting in real time to prevent these breaches from happening in the first place. The goal of any company is to have its talent working on what matters most, and these tools greatly aid in that. As Bret said near the end of the session, we’re rounding a corner, and for the first time in a while, the good people are starting to have an advantage.

 

Chris Maski
Author

A present-day renaissance man and self-professed nerd, Chris transitioned into IT in 2016 after spending nearly a decade in the health and fitness industry. Computers had always been a lifelong hobby, but now they are a professional passion. Starting in the trenches of an IT support call center, Chris has since progressed from Help Desk Technician to Managed Services Consultant (NOC) and is now a Cloud Solutions Engineer at Cloudforce. He owes his success to never being afraid of asking questions, being humble, and learning in the fires of "Well... let's see if anything breaks" situations.
