The report lays out lessons learned by prominent professionals in the field
Even with greater awareness of cybersecurity threats, small and large companies alike are still falling victim to attacks. Lumu, creator of the Continuous Compromise Assessment security model, which enables organizations to measure compromise in real time, has just released a report that brings together the insights of five cybersecurity leaders who were at the forefront of some of the worst recent breaches.
The document features insights from Brazilians Rafaela França, former head of Information Security at Hospital Mater Dei, founder of IT Advisory and co-founder of Ctrl Saúde; and Márcio Sá, Founder and Security Strategist at Castle Security Services, former CISO at 2TM Group and former Head of Information Security at Localiza Rent a Car.
“Labor shortages, increasing burnout and high layoff rates pose serious risks for companies trying to protect themselves from constant cybersecurity threats,” says Ricardo Villadiego, Founder and CEO of Lumu. “Our new report shares preparation lessons and advice from some of the top cybersecurity leaders to make them feel better prepared to deal with potential threats,” he adds.
The top five lessons cybersecurity leaders have learned from leading their companies amid breaches include:
- Do not underestimate the adversary’s ruthlessness: fighting to keep IT access available to doctors serving 20,000 patients a day at the height of the COVID-19 pandemic, Rafaela França, former head of Information Security at Hospital Mater Dei, founder of IT Advisory and co-founder of Ctrl Saúde, learned that adversaries have no compassion and will always strike when the business is most vulnerable. França advises leaders to have contingency plans ready, strategies with redundancies, systemic monitoring and an attack/defense map, and to be prepared to execute those contingency plans and go into “war room” mode.
- Be humble: Márcio Sá, Founder and Security Strategist at Castle Security Services, former Chief Security Officer of 2TM Group and former Head of Information Security at Localiza Rent a Car, learned the value of humility after suffering a ransomware attack. The incident response team needs to know about limitations. “Understand that you don’t have total control and that the adversary has an advantage – in time and sometimes also in budget,” says Sá. “Understand that you will have to present the business risks and ask for help on several fronts.”
- Preparation is everything: Michael Coates, former CISO of Mozilla and Twitter, founder of Altitude Networks and current CISO of CoinList, says preparation is invaluable in ensuring that a security breach doesn’t end in outright catastrophe. Coates encourages business leaders to stage the breach now, through tabletop exercises or simulated breaches, and to observe how the team responds and where things fall apart. This reveals, before a real breach happens, the things they would want to have known.
- Communicate with respect: After the Sunburst attack on SolarWinds, which brought the term “supply chain attack” to the forefront of cybersecurity, Tim Brown, CISO at SolarWinds, learned the importance of clear communication. Brown advises that the more leaders communicate early and more openly with customers, the better. Tackling large-scale breaches and answering calls from countries requires a very different skill set than most CISOs are used to.
- Watch the patterns: Bret Hartman, professor of cybersecurity at California Polytechnic State University, former VP and CTO of Cisco, former CTO of RSA, and former CTO of information security at EMC, shares the lessons of the 2011 RSA breach. Hartman wants leaders to “be paranoid” and have monitoring and visibility so they can properly measure their risks. He also advises having a plan to recover when something goes wrong. Hartman concludes that cybersecurity professionals need to focus on learning and continuous, incremental improvement so that future breaches can be stopped or mitigated.
The report, CISOs’ Lessons from Security Breaches, can be downloaded in its entirety at:
*** Translated with by the DEFCONPress FYI Team ***