Top 5 Key Takeaways From Cyber Security Hub In June

A Focus On Endpoint, Access, Budget, Talent & Strategy

Seth Adler

The Cyber Security Hub community has safely made it's way into July. As cyber security is a moving target, we take the opportunity to share perspective on where our collective sites were most recently set.

Top 5 Key Takeaways from June

  1. Like every piece of global society, the cyber security landscape has experienced immediate evolution.
    • There are potentially alarming responses to our global pandemic related questions in our Mid-Year Report. All respondents completed the survey between May 17th and June 8th. Most migration to remote work happened in the last two weeks of March. That means that all respondents were defending the enterprise with a remote workforce for at least six weeks when they completed the survey.
  2. Vast swaths of your workforce will continue outside on prem for the foreseeable future. And so, endpoint security and identity management have found a dovetail moment.
    • No matter where you currently are on the “return” continuum, some form of accentuated remote work, it seems- it’s here to stay. The days of 30%ish of your workforce remotely accessing your systems sometimes are in the past.
  3. 67.37% of cyber security community budgets have decreased or stayed the same over the past six months. (All survey respondents completed the survey between May 17th and June 8th).
    • The dollar cost of a breach, plus the future IP cost of that breach, plus the cost to the perception of the brand when the breach hits the headlines- explain all of that. Then ask- is it worth saving Nancy’s salary to expose us to that much risk?
  4. Good talent has in fact been pushed out by workforce reduction. In a growing industry- that talent will land on its feet. But a lack organizational evolution, if systemic and continual is potentially the bigger risk.
    • What’s top talent to do if the most dramatic societal shift any of us have ever dealt with in our respective lifetimes doesn’t change the strategy? 
  5. This new threat landscape, while more immediately dynamic- was noticeable. 100% remote couldn't have been predicted, but the tools that have opened up new threat vectors were already being used in limited remote work. Cyber security executives were in a good place to be able to defend.
    • Each of the contributing executives is saying in their own way. It’s not Reactive vs. Proactive- it’s Reactive & Proactive. Always allow yesterday to inform today and ensure that today’s action prepares you for tomorrows threats.

Key takeaways from the key takeaways:

  • Cyber security executives- like all other global corporate enterprise executives at this moment- continue to grapple with budget. Many in the community seem to be rallying around the concept of being able to present a business case for what is needed and what is not needed. Showcasing an open-minded cross-business approach in presenting budget needs seems to be the answer to ensuring the cyber security team has what it neeeds.
  • Strategy and approach seem to be very different concepts in the mind of the cyber security executive. Whereas the approach remains constant for the bulk of the community, folks seem open to strategic change.
  • Talent- either by being pushed out or by walking out- is out there for cyber security executives to scoop up. Having the resources to land that talent is only the beginning. Ensuring that both the strategy and approach continue to evolve is something top talent seeks.
  • Endpoint and Access are two distinct pieces. Ensuring that those pieces are well defended in the face of new threats is important. Realizing how to blend the two distinct pieces seems to be potential trend moving forward.