The 2018 Ponemon Institute CISO survey of “What CISOs Worry About” debuted at the beginning of the year, and not surprisingly, cyber-risk and data breaches remain key concerns, with 67 percent of respondents believing their companies are more likely to fall victim to a cyber-attack or data breach in 2018.¹ What is perhaps more surprising though is that another concern is at the forefront of CISOs’ minds this year: the human factor. Seventy percent of CISOs cite “lack of competent in-house staff” their number one concern and 65 percent state “inadequate in-house expertise” as the top reason they are likely to have a data breach. And their concerns are valid considering the 2017 State of Privacy and Security Awareness Report, which surveyed 1,012 US workers, and found that 70% of employees lack a firm grasp of security and privacy.
While employee negligence about data security is a concern, organizations are slow to address employee’s lack of security and privacy education. When IT departments are so busy working on the day to day upkeep of enterprise IT service delivery, proper employee security and privacy training is not a top priority. This compounded by another surprising statistic in the Ponemon CISO survey, that 69 percent of respondents believe their job will become more stressful in 2018, which indicates that CISOs need organization-wide support to create a culture of vigilant and educated personnel. The initiative to create a culture of best-practice information security management must come from the top down, and unfortunately organizations only address the risks of data breaches after they’ve already happened.
Given that cyber-breaches are inevitable, this reactive approach to data breaches could be incredibly costly, both from fines issued from noncompliance of regulations like GDPR, HIPAA, PCIDSS, etc., and from damage to your brand reputation.
A new approach to enterprise security is needed. It is imperative that you have both the technology to prevent and detect potential cyber-attacks, as well as competent personnel and policies within the organization to prevent negligence and malicious insider threat that no amount of perimeter security can plan for. Overworked and understaffed security professionals need automation technology to help prevent a cyber-attack, visibility across all network devices to detect said attack, and a plan in place to stem the bleeding.
Gremalto’s 2017 Breach Level Index also concludes that current security measures are not enough, stating that, “Security is consuming a larger share of total IT spending, but security effectiveness against the data-breach epidemic is not improving at all. In an age where data is distributed across and beyond the enterprise, yesterday’s ‘good enough’ approach to security is obsolete.” When you consider some of the high-profile breaches in the 21st century that hit companies like Target, Yahoo, and eBay, it becomes apparent that technology and resources weren’t the difference between them and other companies that didn’t get attacked. The quality of security policies and the degree to which employees follow and understand them is just as important as the quality of the security technology you use when protecting your data in today’s cyber landscape.
If you are a CiSO looking to improve your organization’s security policies, consider CorreLog’s range of security solutions. CorreLog’s solutions and services are designed for maximum interoperability, flexibility, and scalability. CorreLog has the capability to work either independently of, or alongside, other SIEM technology to improve threat management and incident response capabilities. We leverage your existing infrastructure, and processes to return the fastest and best return on your existing investments. CorreLog also offers a validated set of security apps for Splunk for IBM z/OS so you can integrate and analyze mainframe data within your Splunk dashboards with CorreLog zDefender™. Visit correlog.com today for more information on our solutions for both distributed and mainframe systems that help you identify network attacks, suspicious behavior, and policy violations by collecting and correlating user activity and event data, and mainframe systems that convert mainframe security events to standard distributed syslog format for inclusion to enterprise SIEM systems.
¹Ponemon Research Study: What CIOs Worry About in 2018. Commissioned by Opus, a risk management service provider. www.opus.com