Discover The New CISO Imperative: Join our Panel Discussion at RSA
The shortage of trained cyber security professionals, combined with the immature manual security operations center processes used by most organizations, have created fertile ground for all manner of bad actors. Let’s dig into the skills shortage first. According to Forbes, the cybersecurity market is expected to grow to $170 billion by 2020. However, more than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years.
Next let’s look at the process problem. According to a study by ESG, a third of organizations spend at least half of all incident response time on manual processes leading to inefficiencies and delays. For instance, emails—which are difficult to mine for information during or even after a security incident—continue to be the predominant mode for tracking and resolving security threats. Even as security teams aggregate and pour over volumes of email data, the information they have may not be what they need to identify, prioritize and respond to potential threats. I’ve even talked to several huge organizations that spend hours just figuring out what a particular IP address is attached to before they can proceed further.
With all this in mind, it is not surprising that it takes 201 days for an enterprise to discover a breach and 70 days to contain it, according to the Ponemon Institute.
Clearly, security teams are overwhelmed by the torrent of threats pouring into the enterprise. Automation can go a long way toward helping security teams identify, prioritize and respond to confirmed threats. While automating the decision on a given threat is further than most teams are prepared to go, automating some of the manual research and intelligence gathering tasks can drastically increase the speed and thoroughness of the investigation and make the human decision much more accurate. Following the decision, automation can again get involved making the changes necessary to the infrastructure with all the right notifications and approvals from IT.
As the volume of attacks and vulnerabilities continue to grow, CISOs and CIOs need to partner together to find new ways for teams to become more effective in responding to threats and ultimately strengthening their organizations security posture. Automation kick-starts this partnership by delivering efficiencies to security and IT teams, while helping bridge the security skills gap that nearly every organization is facing.
Join us to participate in an engaging dialogue to discuss these issues and more at the upcoming panel discussion: ServiceNow/ISE VIP Signature Luncheon on February 16, 2017, 11:30am-1:30pm at The W Hotel. Our expert panelists will share their insights and perspectives on the following issues:
- How are best in class security organizations handling security response and prioritizing threats? Where are these programs evolving to reduce response time?
- Automation tools can quickly identify and assess each incoming threat as it enters the network, ensuring that no risks go undetected. How are companies currently automating their security response and what are the barriers to do so?
- Machine learning systems are designed to continually assimilate information and make process improvements; the use of these tools offers the potential to increase the scale of resistance against ongoing attacks. What are the implications on people, process and technology as these new technologies become possible?
Register to join the conversation and hear from our esteemed panel of experts on these matters:
Julie Talbot-Hubbard, VP Head of Security Operations for SunTrust
Gary Warsala, CISO, Fifth Third Bank
Justin Dolly EVP, CISO & CIO, Malwarebytes
Tim Callahan, Global Chief Security Officer, AFLAC