“Security is NOT an IT problem…it’s a business resilience problem.” - Tim Foley, Sr. Manager of Information Security and Strategic Consulting at Dataprise.
The above sentiment was the theme of conversation at Dataprise’s Information Security Symposium this past Thursday, June 16th, at their Corporate Office and Technology Center in Rockville, MD. Over 50 business leaders joined this intimate event eager to discover more about the latest best practices and proactive risk management approaches related to Information Security. Below are a few highlights from the event:
Surviving the Security Landscape
Charles Ames, the State of Maryland’s Chief Information Security Officer, kicked off the evening with a keynote speech focusing on how much security is enough and what happens when businesses get attacked. He spoke with the audience about the importance of understanding who your users are, what devices they are using, and understanding administrative rights on your network. He also shared the eye-opening fact found in Verizon’s 2016 Breach Incident Report that 97% of breaches used legitimate third-party access to attack. Ames ended his keynote by sharing what his team is working on within their Security Program to establish a Cyber Secure Maryland, including policy, baselining, centralizing security controls, threat identification and continuous diagnosis and mitigation.
The Weakest Link
Following the keynote from Charles Ames, a panel discussion began, moderated by Tim Foley, Senior Manager of Information Security & Strategic Consulting at Dataprise, and featuring Ames and the following panelists:
- Joe Schreiber, Director of Solutions Architecture at AlienVault
- Sean Ferrara, Virtual Chief Information Security Officer (vCISO) at Dataprise
The discussion covered key topics such as the biggest security trends, threats and the shift in how organizations are viewing security. But one of the most discussed points was the weakest link in every business’s security: employees.
“The weakest link in any organization is our people. They are our most valuable asset and are also our most vulnerable asset,” stated Ferrara. The discussion continued on, focusing on training for employees, aligning policies with a business’ culture, and the importance of executive buy-in.
The panel also emphasized the importance of having a security program and ensuring it aligns with the business goals and objectives. “Tools have outputs, programs have outcomes and when we’re putting together an information security program, the business needs and the needs of the organization are going to drive what we would like the outcome to be,” stated Foley.
The discussion also turned to how businesses can protect themselves from and prevent attacks. “Complacency is the enemy of vigilance, which is the key factor of any security operations center,” stated Schreiber in reference to the downside of using tools such as machine learning, “and we want to keep that intact no matter the tool that’s used.”
Assess, Protect, Detect, Respond
The third segment of the symposium was a series of workshops discussing Dataprise’s Cybersecurity Intelligence Lifecycle (CSIL).
“If you don’t know where you are, how will you know where you are going or when you will get there,” presenter Sean Ferrara said to the crowd about the Assess phase, before diving into the necessity of identifying critical business assets and associated risks. Ferrara shared a variety of assessment solutions, such as security gap assessments and PCI baseline analysis, that can aid organizations with this goal.
Tim Foley jumped into the Protect phase by engaging the audience with layered defenses aka “Defense in Depth,” which include elements such as patching, training, offsite backups, security awareness training, and anti-virus. He discussed the importance of protecting critical assets with network security solutions and delved into the differing priorities of a CIO versus a CISO.
Joe Schreiber and Dataprise SOC Lead Lee Thomas Hagen led the way in discussing the importance of the Detect phase within the CSIL wheel. Solutions such as Unified Security Management (USM) and periodic security log review help businesses identify threats and vulnerabilities and allow for enhanced transparency to drive better business decisions.
“You’re going to be hacked. Have a plan,” was the quote from the FBI Cyber Division Director that Tim Foley shared to end the presentations with the Respond phase. He covered critical items such as business impact of breaches, the need to respond, remediate, and recover, and solutions to aid organizations with their planning, such as disaster recovery planning, managed remote backups, and incident response programs.
The discussion and questions continued after the final presentation during a cocktail hour and networking session.
Overall, the event was a success for Dataprise and left audience members with a new point of view on security. “I enjoyed the contrast of perspectives from folks with different experience,” stated a Director of IT who attended the event. “Mr. Ames offered a great executive viewpoint, Mr. Schreiber had a bit more technical detail and perspective, and Mr. Foley and Mr. Ferrara could blend the business and the technical together.”
To view resources from the event, visit www.dataprise.com/resource-center/security-symposium-resources