
A deeper view into the threat landscape

April 4, 2016 by James Carder


The following is a guest post by 2016 Secure360 Twin Cities Platinum Sponsor LogRhythm.

The threat landscape for 2016 hasn’t really changed, except for a few minor adjustments. We are still seeing nation state threat actors, financial crime groups, hacktivism, terrorist organizations and commodity threats (e.g., CryptoLocker).

The majority of these groups are just using variations of the same tactics they’ve always used to infiltrate organizations. As a society, we have a newfound knowledge, visibility and awareness of these threats—but they are not new.

Unveiling the dangers of security intrusion in control systems

The media has done a phenomenal job of helping information security professionals send the message about what a successful intrusion could mean for a brand. It took a few companies becoming the example for others to realize that the threat is real, that they can be targeted and that they don’t want it to happen to them.

It takes a business-savvy security professional to translate what the executives and the board hear in the news into how that could impact the business.

Any security professional who assumes that executives fully understand information security and all of its jargon is foolish. The universal language of business is about dollars and cents, not about risk and risk mitigation.

A security professional can raise awareness about the dangers of a successful intrusion and translate an event into direct business impact.

Strategy first

The first step in building security for the enterprise is to develop a strategy. The information security strategy should be fundamentally built on the risks, threats and impact to the core business.

A business impact analysis can help you to understand how the business operates from a people, process and technology perspective and map your strategy to that.

By aligning your strategy to what’s important to your business, not only will you know what to protect and how, but you will also gain support from executives. In the end, that is what should be important to you.

Once you understand the risks, threats and impacts to the business, then you can map the people, process and technology strategy accordingly. Once you have the complete strategy built, then it’s all about execution, which is the hardest part.

Role of the government in augmenting network security practices

I see a number of companies being considered “critical infrastructure” now. The Department of Homeland Security (DHS) defines critical infrastructure as “the backbone of our nation’s economy, security and health.”

Healthcare was only added a couple of years ago, and today we’re seeing companies like Google and Facebook included, or they will likely be included very soon. When tagged as “critical infrastructure,” the government enforces higher standards as it relates to cyber security, but it also invests heavily in helping the company meet those standards.

The above items are in addition to more stringent controls being added to PCI, HIPAA, NERC-CIP and other regulations that are already out there. Failure to comply with a regulation can have a direct and negative impact on a company’s bottom line.

Takeaways from cloud security strategies

Moving to the cloud can be an effective and secure strategy. Oftentimes, the right cloud provider can protect your data better than you can. However, don’t always make that assumption.

When moving to the cloud, it is even more important that you understand your business and the business impact. The grueling work you put in up front with contract negotiations will pay dividends on the back end.

Bake security requirements and controls into the contract, establish security baselines and security service level agreements, ensure the company is SSAE18 SOC1 and SOC2 compliant, and make sure they can meet your specific regulatory requirements. The front-end due diligence in evaluating a cloud provider is critical for long-term success.

Decoding the duties of CISOs and CSOs

My role and the general CSO role have changed exponentially in the past four or five years. From an organizational perspective, security is at the forefront and no longer takes a backseat to IT or other administrative positions.

The CSO presents to the board and can impact the overall direction of the business. If an organization is looking to go international or acquire another firm, security is now included in that decision.

From a technology perspective, the CSO is still charged with protecting the entire organization. As the rate of technology advancement increases, the landscape of what must be protected increases.

It’s no longer just about protecting IT resources. As we now are seeing in the new world of the Internet of Things (IoT), the blend of consumer and corporate technology within an organization is an interconnected web.

The CSO must work with facilities’ units for their Internet-accessible HVAC systems and thermostats, for example. And they must be aware of medical devices that roll around on carts with one end attached to a patient and the other end attached to the network.

All of the consumer devices that people now use are integral parts of their day-to-day jobs. Companies are introducing smart devices one after the other without thinking about the unintended consequences, and the CSO is responsible for it all.

The Security Intelligence Maturity Model™ (SIMM™) provides a systematic guide for an organization to assess and, in turn, actively achieve a heightened security posture. Understand your business risk and discover the state of your organization’s cyber security posture. Download now.


About James Carder

James Carder brings more than 17 years of experience working in corporate IT security and consulting for the Fortune 500 and U.S. Government. At LogRhythm, he develops and maintains the company’s security governance model and risk strategies, protects the confidentiality, integrity, and availability of information assets, and oversees both threat and vulnerability management as well as the Security Operations Center (SOC). He also directs the mission and strategic vision for the LogRhythm Labs machine data intelligence, threat and compliance research teams.

Prior to joining LogRhythm, James Carder was the Director of Security Informatics at Mayo Clinic, a Senior Manager at MANDIANT, and led criminal and national security related investigations at the city, state and federal levels. James is a sought-after and frequent speaker at cyber security events and is a noted author of several cyber security publications. He holds a Bachelor of Science degree in Computer Information Systems from Walden University and is a Certified Information Systems Security Professional (CISSP).

 
