Who's steering your organization's cyber defense efforts? The person at the helm of your security operation has a gigantic responsibility, as well as some gigantic opponents.
There's been a rash of data breaches over the last several months and years; furthermore it's clear the problem is here to stay. That's more true now than ever, as the IoT gains traction and the quantity and quality of connections unlocks new dimensions in cyber threat and defense.
With that in mind, here are several things that the CISO of your organization should be aware of.
Ten things every security professional should know
Last summer, SecurityWeek.com listed ten things every security professional should know. Briefly, here they are.
1. Worlds will collide.
2. The attack surface will expand.
3. Threat diversity will increase.
4. Threat sophistication will continue.
5. Remediation will become more urgent and more complex.
6. Risk and impact will escalate.
7. Compliance and regulations will mount.
8. Visibility will be paramount.
9. Threat awareness will become the focus.
10. Action will need to be swift.
Click here to read about each point on this list - there are some important realities to think about here.
Ten things every CISO should be doing
Meanwhile, on SecurityIntelligence.com, you can find some recommendations on how a competent CISO can address evolving security challenges and create a company culture of risk awareness. The linked article was published about a year ago, but the advice holds: read it here.
Ten things your remote control software should support
1. 256-bit AES encryption
2. Centralized multi-factor authentication
3. Integration with Directory Services
4. Granular control over all user permissions through individual or group definitions
5. Complete logging with customizable audit trails and session recordings
6. PCI, ISO & HIPAA compliance or better for authentication & encryption
7. Access parameters for specific end users or devices
9. Automatic locking or logging of remote machines in case of abnormal disconnection
10. Closed User Group license keys
Whether you're the CISO of your organization or you have other responsibilities and interests in the security of your company, we hope this information proves useful.