What is it like to not only be a CISO but to also be one in a large, global organization? I recently had the pleasure of speaking with Mark Ruchie, CISO of Entrust, a global tech firm securing data, payments and identities.
The journey for someone to the role of Chief Information Security Officer (CISO) isn’t often straightforward. Take Sandy Dunn, for example. Per SailPoint, Sandy started as a paper delivery kid at 10 years old. She then worked her way through software sales, insurance, and even horses before becoming the CISO of a health insurance provider in Idaho. All these “entry-level” jobs share one thing in common.
In today’s cloud-native, app-first and remote-first world, it has become a considerably more complicated task to verify the identity of a user or a service, and determine policies that say what they are and aren’t allowed to do. Yet, the first half of that problem, authentication, for the most part, is already solved because of standards like Security Assertion Markup Language (SAML), OAuth and Secure Production Identity Framework for Everyone (SPIFFE).
Over the last 18 months, cloud application use has skyrocketed, with the average organisation with 500-2,000 employees now using 805 different cloud applications. This is a staggering level of new risk for CISOs to get their heads around. At the same time that cloud use has grown, so too have the efforts of malicious actors to target cloud applications which are all too often poorly secured and present a constant opportunity of unsecured data to compromise.
In today’s highly interconnected worlds, CISOs face a dual challenge: protecting data and reporting to the Board of Directors. Log management has long been a tool in the CISO’s back pocket, helping gain insight into potential security issues. However, the rise of cloud-based infrastructures changes this, making log management increasingly difficult.
Cybersecurity is an ever-changing landscape, and it’s essential to have the right people on your team, like a virtual chief information security officer. This person can help you protect yourself from cyberattacks by building out cyber security programming, including infrastructure protection, data management, and customer privacy concerns.
When the COVID-19 pandemic descended on the U.S., companies took a no-holds-barred approach to maintain their operations. Employees up and down organizational structures were told to work from home, and IT teams were tasked with making that happen. The timeline was short, and approval processes moved quickly, which meant changes to network access and security were made more quickly, and in some cases more haphazardly, than in a “normal” situation.
Back in the early days of networking, many companies assigned all of the responsibilities to anyone who showed any aptitude towards operating a computer. In many companies, this was an accountant or someone else who also managed sensitive financial information. The assumption was that the person managing the corporate books was the most trustworthy person in the organization.
This is a story of an emperor who wanted to protect people and grow his empire. Once he had to face the biggest battle. He conquered the battle through back door intelligence of the enemy. With a risk-based approach he was able to predict the actions of the enemy. This made him invincible. In today’s world, CISO organization faces the same battle but against the cyber war and are therefore are under constant pressure to protect organization.
