CYBERSECURITY
Getting Buy-In From the Boardroom
W W W . P R O F I C I O . C O M
BRAD TAYLOR
CEO OF PROFICIO
25+ years of experience in enterprise cyber security, networking, and software
AGENDA
01 CISO’s Cybersecurity Goals
03 The Gaps: Common Areas of Need
06 Key Takeaways
ABOUT US
PROFICIO OVERVIEW
SINGAPORE
ALERT FATIGUE
▪ Too many alerts, what’s relevant?
▪ Base SIEM content creates thousands of notable events and false positives
RESOURCES
▪ To constantly add Use Cases & Build Content
▪ To actively monitor threats 24x7
LACK OF VISIBILITY
▪ Poor threat visibility or system performance
▪ Poor threat investigation, validation, and triage workflow
MOST COMMON SECURITY OPERATIONS GAPS
“KNOW YOURS BEFORE YOU MEET THE BOARD”
PEOPLE/OPERATIONAL
▪ Having the Right Team in Place is Essential to Any Security Operations
▪ Can You Train People? Keep Educating Them? Can You Keep Them Employed?
PROCESSES
▪ Threat Discovery & Incident Response Needs Well-Defined & Documented Processes
▪ Generating Too Much Noise. Rule Creation is Critical in Order To Generate Actionable Alerts
▪ Missing Unknown Threats: Leveraging Threat Intelligence and Prior Incidents are Key
▪ Fine Tuning Rules: Continuously Write Rules and Keep Them Fine Tuned
TECHNOLOGY
▪ Latest SIEM and SOC Technology to Discover and Respond to Threats
▪ SIEM and Machine Learning Architectures are Not Designed for Cognitive Decision Making, Hence, the SOC Relies on an Army of Security Analysts to Be Very Tactical
CONSIDERATIONS TO ALLEVIATE CHALLENGES
BUY, BUILD OR HYBRID
and Data ▪ Alleviates Hiring & Retention
▪ Pick & Choose Services
▪ Ability to Customize Processes ▪ Cost Savings is Significant
▪ Leverage MSSPs Use Cases
to Specific Needs
and Content ▪ Able to Leverage MSSPs Use
▪ Cost Savings is Significant Cases & Content
CONS
▪ 24x7 Security Monitoring &
▪ Must Have a Large Budget CONS Alerting
▪ High Turnover Rates ▪ Must Still Maintain Staff
CONS
In-House
▪ Risk of Becoming Insular
▪ Invest in SIEM Technology ▪ Creates Dependency on 3rd Party
▪ Seldom Able to Identify &
Respond to New Threats ▪ Share SOC Management ▪ Requires Coordination with
Internal & External Teams
BEFORE THE BOARD MEETING
▪ Risks and Vulnerabilities
▪ Controls or Lack Thereof
▪ Threats, Attacks, and Compromises
▪ Ability to React
▪ Comparison to Industry Peers
BOARDROOM SELLING: TIPS 1 & 2
▪ Provide Audience with Content That Resonates
▪ Only Provide Relevant Information
▪ Leave Out the Security Jargon
▪ Risks
▪ Costs
▪ Impact
▪ What’s the Risk to the Business?
▪ Don’t Go Down the Technology Rabbit Hole
▪ What’s the Impact to the Bottom Line?
BOARDROOM SELLING: TIP 4
▪ Be Ready to Review Risks Compared to Industry Peer Organizations
▪ What are the Next Steps?
▪ Discuss Deadlines & Budgetary Needs that Cover All Resources
BOARDROOM SELLING: TIP 6
▪ How Does Your Budget Compare to Industry Peers?
▪ Demonstrate Why Your Specific Expense Needs are Critical
▪ Be Practical and Not Too Far Reaching
BOARDROOM SELLING: TIP 7
▪ When Presenting Your Findings & Overall Plan to Board:
▪ Speak in their Language
▪ Stick to the Facts & Backup Your Findings
▪ Present a Cohesive Action Plan
▪ Be Realistic About Budget
▪ Share the Consequences that Can Occur if Plan isn’t Followed
WORLD-CLASS CYBERSECURITY SERVICES
SAN DIEGO | SINGAPORE | BARCELONA
WWW.PROFICIO.COM | INFO@PROFICIO.COM