Chief Security Officers Outline Roadmap to Combat Threats

by CXOtoday Staff    Jan 18, 2012

CISO panel highlights intelligence-driven security as strategic game changer in battling cyber foes

RSA, The Security Division of EMC released new insights from a group of the world’s leading Chief Security Officers (CSOs), designed to help corporations and governments dramatically improve visibility into advanced threats ranging from industrial espionage and disruption of business and financial operations to sabotage of corporate infrastructure.

“The day-to-day use of cyber risk intelligence is no longer just for government agencies; it is a required competency for corporate survival,” said Art Coviello, Executive Chairman of RSA.

He added that the tempo and serious nature of recent attacks calls for urgent and bold countermeasures that position organizations not only to detect advanced threats, but also to predict how attacks may occur so they can take steps to help mitigate risk and impact. “Combating advanced threats requires a new security mindset and vastly improved practices for gathering, sharing and acting on cyber risk intelligence,” he said.

The research report is the ninth in a series from the Security for Business Innovation Council (SBIC). The SBIC is a group of top security leaders from Global 1000 enterprises convened by RSA to discuss top-of-mind security concerns and opportunities.

In the group’s latest report, Getting Ahead of Advanced Threats: Achieving Intelligence-Driven Information Security, the Council advocates for a new defense doctrine for combating advanced threats called intelligence-driven information security.

This collaborative, big data approach includes consistent collection of reliable and actionable cyber-risk data from a range of government, industry, commercial, and internal sources to gain a more complete understanding of risks and potential exposures.

It calls for ongoing research on prospective cyber adversaries, and increase in new skills within the information security team focused on the production of intelligence.

The doctrine outlines a process for efficient analysis, fusion, and management of cyber-risk data from multiple sources to develop actionable intelligence with full visibility into actual conditions within IT environments.

Informed risk decisions and defensive strategies based on comprehensive knowledge of the threats and the organization’s own security posture, and sharing of best practices to share useful threat information such as attack indicators with other organizations are the other areas that are mentioned in the report.

“It can be hard to digest having to develop a multi-year plan to learn who your adversaries are and how they are going to steal from you,” said Tim McKnight, Vice President and Chief Information Security Officer, Northrop Grumman. “Quarter-by-quarter, you may not see any losses. It could be years until you see the losses when all of a sudden, out of the blue; a company in another part of the world becomes the leader in your space, having subsidized itself with your R&D investments.”