This report captures the key takeaways from the Senior Security Leader cohort on September 18, 2024. The discussion was facilitated by Jim Rembach, President of Peer Roundtables, and supported by SME and LinkedIn Top Information Security Voice, Petri Kuivala.
Senior security leaders participated actively in the conversation about the following topics:
1. Recession looming, what’s the impact on Security?
2. Distributed or Consolidated Security solution space, how should I invest?
3. What does Amazon’s 5 days at the office mean for us?
4. IAM and “odd” workers
1. Recession looming, what’s the impact on Security?
a. Cloud
i. Discussions about the on-prem, SaaS and cloud solution dilemmas, where some people are cloud allergic and some are cloud enthusiastic.
ii. This is often also driven by ulterior motives related to job security and competence. Be careful not to take sides without understanding the whole picture on the table.
iii. See also page 6 of the IBM Cost of Data Breach Report 2024, which gives data points on breach probabilities in different environments.
iv. With cloud, the cost side of the solution is sometimes difficult to understand; pay attention to it.
v. It was generally agreed that SaaS solutions also come with good security, driven by a purpose-built environment serving one defined use case. It is also a result of their business model, where they cannot afford to lose their reputation (exceptions to the rule exist).
b. Increased risks
i. In general, insider risk likelihood increases when RIFs (reductions in force) are expected.
ii. Make sure you are well connected with the C-level to know the timing and targets of RIFs or other reorganizations that can affect people’s motivation.
iii. There is always a push for savings. We recommend studying Gartner’s Outcome-Driven Metrics (ODM) to make the agreements between the CISO and the C-level clearer.
2. Distributed or Consolidated Security solution space, how should I invest?
a. This is a topic for religious fights; make sure to prepare your thoughts well before entering the battleground.
b. The security of the security solutions themselves (their exposure) is a factor that is not always well thought through.
c. Countering the previous point, putting all eggs in one basket can also cause big trouble.
d. We believe that competences, and the efficient use of them, are a big topic here. If you have best-of-breed only, you spend a lot of resources on integrations and maintenance. This also leads to single points of competence, whereas the suite model better facilitates a resilient competence base.
e. There was a good proposal to drive most of the stack with suites, amended with start-up / scale-up products that can challenge the status quo and help make the suite more resilient.
3. What does Amazon’s 5 days at the office mean for us?
a. We were mostly afraid we will lose our unicorns, who since COVID have established the freedom to work from anywhere.
b. Recruiting the best talent is far from always possible locally, hence niche security teams might need to settle for mediocre team members.
c. Doing this during a talent war sounds really challenging.
d. On the other hand, company management usually optimizes for the majority workforce and is not thinking of the needs of niche teams. Maybe there is a possibility of exceptions.
e. The C-level knows that innovation needs face-to-face (f2f) time, as it drives unplanned meetings between different people, leading to small iterative innovations that drive the long-term success of the company.
f. It was also noted that certain competence pools in security, like the IR teams, really benefit from f2f presence.
4. IAM and “odd” workers
a. There was a short conversation about the problems “odd workers” cause for IAM. Odd meaning workers who are not employees and who do not really have a single organizational owner in the company, e.g. HR does not manage them.
b. On a conceptual level it was proposed to:
i. Have mandatory fields for worker intake
ii. Consider a corporate-wide RBAC model where the odd workers have very basic and restricted access. E.g. Microsoft had 26 roles at the global level to facilitate 200 000 employees (this was long ago).
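As an added illustration of the two proposals above (this is not code from the report, from Peer Roundtables or from any vendor): a worker-intake check that rejects records missing mandatory fields, and a small corporate-wide RBAC model in which any non-employee worker is assigned a restricted role regardless of what the intake request asked for. The field names (worker_id, worker_type, sponsor, end_date), the role names, the worker types and the sample records are all assumptions.

```python
# Added illustration, not code from the Peer Roundtables report or any vendor.
# Field names, role names, worker types and sample records below are assumptions.
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Set

# Mandatory intake fields (assumed): every worker, employee or not, must have an
# identifier, a type, an accountable sponsor (the "organizational owner") and an end date.
MANDATORY_FIELDS = ("worker_id", "worker_type", "sponsor", "end_date")

# Worker types HR owns; anything else is an "odd" worker (contractor, vendor, volunteer ...).
EMPLOYEE_TYPES = {"employee"}

# Small corporate-wide role catalogue (assumed). Only the restricted tier is
# assignable to non-employees at intake, whatever role the request asks for.
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "employee_standard": {"email", "intranet", "file_share", "ticketing"},
    "external_restricted": {"email", "ticketing"},
}
NON_EMPLOYEE_ROLE = "external_restricted"


@dataclass
class IntakeResult:
    accepted: bool
    role: Optional[str]
    errors: List[str] = field(default_factory=list)


def validate_intake(record: Dict[str, str], today: Optional[date] = None) -> IntakeResult:
    """Reject records missing mandatory fields; assign the role by worker type."""
    today = today or date.today()
    errors = [f"missing mandatory field: {name}"
              for name in MANDATORY_FIELDS if not record.get(name)]
    if errors:
        return IntakeResult(False, None, errors)

    try:
        end_date = date.fromisoformat(record["end_date"])
    except ValueError:
        return IntakeResult(False, None, ["end_date must be ISO formatted (YYYY-MM-DD)"])
    if end_date <= today:
        return IntakeResult(False, None, ["end_date must be in the future"])

    if record["worker_type"] in EMPLOYEE_TYPES:
        role = record.get("requested_role", "employee_standard")
        if role not in ROLE_PERMISSIONS:
            return IntakeResult(False, None, [f"unknown role: {role}"])
        return IntakeResult(True, role)

    # Odd worker: the restricted role is assigned regardless of what was requested,
    # so any elevated access must come later through an explicit, sponsored exception.
    return IntakeResult(True, NON_EMPLOYEE_ROLE)


def permitted(role: str, resource: str) -> bool:
    """Corporate-wide RBAC check: access is allowed only if the role lists the resource."""
    return resource in ROLE_PERMISSIONS.get(role, set())


# Constructed sample intake records (not real workers).
SAMPLE_RECORDS = [
    {"worker_id": "c-1001", "worker_type": "contractor", "sponsor": "",
     "end_date": "2099-12-31", "requested_role": "employee_standard"},
    {"worker_id": "c-1002", "worker_type": "contractor", "sponsor": "jane.doe",
     "end_date": "2099-12-31", "requested_role": "employee_standard"},
    {"worker_id": "e-2001", "worker_type": "employee", "sponsor": "hr",
     "end_date": "2099-12-31"},
]

if __name__ == "__main__":
    for rec in SAMPLE_RECORDS:
        print(rec["worker_id"], validate_intake(rec))
```

The first sample record is rejected because the sponsor field is empty, the second contractor is accepted but downgraded from the requested standard role to the restricted one, and the employee keeps the standard role; the permitted check then shows that the restricted role never reaches the file share.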
As economic uncertainty increases, security leaders must remain closely aligned with senior leadership. A balanced approach between cloud adoption and distributed security solutions can enhance resilience. Key resources include the IBM Cost of Data Breach Report 2024 and Gartner Outcome Driven Metrics for clearer security metrics.
Q: How should CISOs prepare for the impact of a looming recession?
A: CISOs should focus on building stronger relationships with C-level executives to stay informed about reorganizations or layoffs (RIFs). Insider risk tends to increase during economic downturns. Additionally, adopting cloud solutions with a careful understanding of cost and security implications can help mitigate financial pressures.
Q: What are the security implications of Amazon's 5-day office mandate?
A: The return to office mandates, such as Amazon’s, could lead to losing top talent, especially those used to remote work. Niche teams, like security, may find it harder to recruit and retain specialized talent. However, face-to-face collaboration is often crucial for innovation and problem-solving, especially for IR teams.
Q: What are the pros and cons of distributed vs. consolidated security solutions?
A: Distributed solutions offer specialized tools but require significant integration efforts. Consolidated suites provide ease of management but may lack flexibility. A hybrid model, combining the strength of suites with innovative start-up tools, can create a more resilient security posture.
Q: How can we handle identity access management (IAM) for 'odd workers'?
A: IAM challenges arise when dealing with non-employee workers like contractors or volunteers. It is advisable to implement mandatory user intake fields and consider a corporate-wide Role-Based Access Control (RBAC) model with restricted access for such users.
In the end, it’s about being smart enough to ask for help, wise enough to know who to ask, and confident enough to bring it all together for your success and that of your team.
Learn about transforming your security awareness training results or any challenge you have with Petri. He works with boards, CISOs, vCISOs, global CISOs, VP Information Security, VP IT Security, Security Awareness Directors, Director of Security Awareness, Cyber Security Architect, Behavior and Culture, and Human Risk Managers, assisting them in discovering new thinking. Click the button to access Petri's calendar.
Copyright © 2020- Peer Roundtables. All Rights Reserved