CISO Shares Strategies For Surviving The Inevitability Of Attacks
Loop in application, network teams to help spot threats and attacks before they do harm
October 3, 2013
NEW YORK, N.Y. -- Interop New York 2013 -- Chief information security officer Jay Leek says today's reality that you can't stop all cyberattacks means security teams must double down on smarter detection of threats and attacks rather than the traditional approach of mainly trying to prevent them.
Leek, who is the CISO at financial services and asset management firm Blackstone, says the more you know about your attackers and their M.O., the better chance you have in thwarting any real damage. That entails three main mindset and strategic shifts that security pros need to make, he says, to handle threats and attacks today: better visibility into threats and attacks, better intelligence about them, and a planned response rather than merely reacting to the latest threat, vulnerability, or incident.
"The reality is that bad guys have much more time on their hands than we do," says Leek, who gave a presentation from the CISO's perspective here at Interop yesterday. "If you're focused on prevention and not much on detection, you are flying blind sometimes because you don't necessarily know where you're headed."
Blackstone is adopting what John Pironti, president of IP Architects, says is a prime example of a risk-based model for security -- one where security pros serve as advisers to the business on the real risks facing their firms, rather than as the naysayers they sometimes appear to the business side.
"Security is the output" of what the business' risk profile defines, Pironti says.
Meanwhile, Leek estimates that most organizations spend about 70 percent of their capital, resources, and processes on prevention, but that model is no longer viable in today's threat landscape. "Our programs, generally speaking, largely reflect the vendor landscape" of mainly prevention-based tools, he says. "Why is this? Because it's sexier to sell prevention," he says.
Security teams need to change up their strategy, he says.
About the Author
You May Also Like