Microsoft Chief Security Advisor and former Coca-Cola Company CISO, Jim Eckart, spoke at Kudelski Security’s Sales Kick Off in January. Below is a summary of his presentation.
Every new year brings a glut of articles on industry predictions and with it, inevitable questions from the board about how the CISO will address (all 42 of) them. The real challenge in building a credible program is less about correlating program to trend but more about a fine balancing act. The CISO must referee between the IT department that drives procurement, technologists who want to buy the latest best-of-breed and their own perennial mission to get basic sound security practices in place. Against a backdrop of a more complex, fragmented technology landscape, below are some core challenges and observations about the security trends that will stay the course.
The Rise of AI and Machine Learning
If harnessed intelligently, the power of AI and machine learning will drive significant value to the CISO, helping remove complexity, risk, and build resilience. Regulatory compliance will become easier to prove and achieve because the identification of risky behavior will be automated. CISOs will have more accurate and universal visibility of incidents; the exponential rise in threats will continue apace and it will be machines that help separate signal from noise and trigger incident response and remediation actions. Talent shortage is a reality, yes, but AI and machine learning will help mitigate the impact.
Best-of-Breed vs Technology Integration
Best-of-breed security infrastructure is complex and growing exponentially. With the growing array of technology, security staff often end up working to support platforms rather than doing security. This is not sustainable for obvious reasons (talent gap, notably) and will drive demand for integrated platforms that facilitate technology consolidation.
Innovation and the Cloud
DevOps and agile are enabling developers to wander off the ranch. With speed to market being the common mantra, developers can end up provisioning hardware incorrectly. This has driven the types of policy-based capabilities that you find in cloud offerings like AWS and Azure, enabling developers to get it right the first time and get it within policy. The benefit gap between cloud and on-premise will widen. With the cloud, CISOs will more easily be able to remediate incidents – everything from updates and patches to endpoints and servers can be pushed or spun up quickly on tap.
From Cybersecurity to Cyber Resilience
In a nutshell, 2020 is all about moving from a narrative of cybersecurity to one of cyber resilience. CISOs will look to remove complexity and get back to basics. And behind it all, we can expect to see Cloud, AI, and machine learning occupying center stage.