Coping with Security Sensory Overload

Published On: May 26, 2017

Ed Snodgrass, CISO, Secure Digital Solutions

Like most in the security industry, I read extensively – both technical and non-technical information. It’s virtually impossible to keep up with everything, but it comes with the territory. Add to that the plethora of security-related data you receive from your enterprise tools and technologies, and it makes for a soul-crushing wave of data that must be processed, evaluated and potentially put into practice. How do we keep track of it all? And more importantly, how do we decide if it’s relevant to our mission?

Ideally, it would be fantastic to be able to instantly react and respond to everything out there, but it’s just not possible. Certain events and threats must be addressed immediately; however, the majority must be analyzed, and that takes time. While pinging my security teams for status every time I saw, heard or read something might give me some added measure of assurance, it wouldn’t make their lives very pleasant and we all know there’s a talent shortage out there. So rather than focusing on individual controls and countermeasures (unless the situation specifically warrants it), I find that it’s more effective to look at my security capabilities using critical process measurement and management and then assess the influx of information against that barometer.

Phishing, for example, represents a significant threat to the enterprise. This is well known, and the techniques used by bad actors continue to be refined. Analyzing every email that potentially makes it through the secure email gateway is a job for security pros, but isn’t a responsibility I pay forward to my business users. Analysis and adjustment happen first at the process level. What part of the process allowed this to happen? Was it technical? Procedural? Once it’s addressed, how will that change the process – a component of which, for example, is training and awareness? My users (for the most part) know to look at headers and naming conventions and use ‘if in doubt, throw it out’ as a rule of thumb. But if this is something new, I’ve got to incorporate that into every component of the process – from filtering to end-user training. Once that’s successfully completed, I’m able to measure the increased effectiveness of that process – showing upward (or downward) trending over time.

Obviously, it’s not that simple, but it gives me a basis from which to measure and manage the capabilities of my security organization, and that can be used both to run operations day-to-day and to communicate to the C-Suite and Board. Our leaders don’t expect to be briefed on every individual threat and piece of information out there, but they do expect me to ‘have things covered’ and be able to show evidence to back it up. I can’t do that unless I’m able to cope with the ever-present sensory overload.

TrustMAPP helps me do that.
