Cyber Security Resolute Resolutions

Add bookmark

Seth Adler
12/28/2020

While 2020 has been a challenging year to say the least, there have been silver linings to the very dark storm clouds. The dark storm clouds of course include death, sickness, unemployment and familial distance- and we take a moment for those affected. 

But getting down to business, the silver linings are beginning to add up for those taking notice. The future of work which was going to take 3-5 more years occurred in 3-5 weeks earlier this year. That future of work has hurdled cyber security forward to demanding a cloud first mindset based on a perimeter or one; the user. 

The user as the perimeter means that PAM and IAM solutions are being implemented by a significant portion of the community. A zero trust mindset is leading to actual zero trust network architecture with over 20% of the community having at least a component in place. That means that zero trust has reached Garnter’s fame hype cycle’s last phase of the “Plateau of Productivity.”

True zero trust adoption then snaps us back to the beginning of the curve for Secure Access Service Edge- SASE. We’re still in the initial “Technical Trigger” phase for SASE with a first generation of products that need to be customized yet are presented with an impossibly high price for most. 

It is a few cutting edge players (no pun intended) mostly from the highly regulated industries of Financial Services and Life Sciences that are the early adopters diving into SASE- as they are for most cyber security technology. 

As written in the Cyber Security Year-End Report- Cyber Spend & CISO Trends, 60% of the community anticipates budgets being flat or down. If 40% of the community does in fact increase budget and source the necessary solutions to thwart threats and eliminate vulnerabilities from the cyber landscape but 60% do not- the global corporate enterprise cyber security landscape will likely look very different in 12 months time.

In addition to budget hurdles there will be disruptions big and small in the year 2021. And so it’s with that basis that we asked the Cyber Security Hub community to provide their 2021 New Year’s Resolutions on how to remain resolute and outpace disruption.



Prepare & Stay Ahead

Jeff Campbell, Chief Information Security Officer, Horizon Power

“To really prepare. I think that was the biggest lesson out of 2020, you always have to be ahead of the game. And I think you can do that through good preparation and just implementing the basics. Once you've got that down as an organization and on a personal level and not to be the single point of failure through preparation will stand you in good stead.”



Physical & Cyber Security

Tom Kartanowicz, Regional Chief Information Officer- Americas,Commerzbank AG

“Don't underestimate physical security. So much attention goes to threat intelligence, goes to cyber, it goes to things in the Cloud. Well, let's not underestimate physical security, because I have it under my remit. Making sure that the cameras are working, making sure the doors are working, making sure their user accounts are there- your cyber hygiene. But for physical as well, because there's still bodies- there are still people around. And if you're a criminal, yes, you could try to hack somebody from your parents' basement. But you could also just try to walk into an office that has no actual physical controls. Let's not forget that. So I really do want to get that back at my focus. Physical security, it's part of the stack. Let's not forget it.”



Empowerment & Accountability

Nannette Cutliff, SVP, Chief Information Officer, CISO, Pacific Service Credit Union

“Improve empowerment and accountability across all levels of my organization, to perpetuate and emphasize individual and collective strength. I want engagement and ownership that comes from that empowerment and accountability.”

 

No bad press & No bad press 

Don Schmidt, Business Information Security Officer, Fannie Mae

“Keep the company out of the bad press of the Wall Street Journal because of a bad day. Or if I can have an effect within the rest of the financial sector, helping friends at other companies, keep them out of the news.”

 

Automation & Automation

Martin Ingram, Product Owner, Identity and Access Management, Royal Bank of Scotland

“Automation, automation, and more automation. The more we can automate the services we deliver and the way we manage within our services, the greater space and greater resilience it gives us to cope with whatever next year throws at us.”

 

The above are clearly good solid cogent focus points for cyber security professionals. For good measure a couple of folks in the community also provided good solid cogent focus points for humans.  

 

Listen More

Lisa Tuttle, Chief Information Security Officer, SPX Corporation

“Listen more. Don't go in assuming you have the answer. Listen, because everybody brings a unique perspective.”

 

Leave it Better

Don Schmidt, Business Information Security Officer, Fannie Mae

“To grab an old saying from the Air Force, we used to say we want to leave things better than we found them. As I roll into 2021, I want to make sure that as we leave, I want to have a positive impact on 2021, to make sure that we leave 2021 better than we found it.”

RECOMMENDED