Cybersecurity Key Issues 2022
As the threat of cyberattacks grows, the roles of chief information security officers (CISOs) and cybersecurity teams are about to change significantly from "guardians" to "organization-inspired influencers."
In this report, looking ahead to 2022 and beyond, we have selected eight issues that CISOs should prioritize at the level of executives and the board of directors, and considered measures that should be considered for each issue.
1. Expanding strategic security debate
Cyber risk management with a view to competitive advantage and long-term success requires the leadership of the board of directors and executives. CISOs and cybersecurity teams need to work to raise executive awareness.
Key Measures to Consider for Security Strategies
Consider how to break away from traditional security thinking centered on confidentiality and availability and ensure integrity and resilience.
Work with key internal stakeholders on security strategies to protect organizational and customer data, risk management, and protect short- and long-term business strategies.
Change executive awareness of security to focus on realistic company-wide risks rather than cost and speed.
Don't worry about key performance indicators (KPIs) and key risk indicators, you can see from basic data such as incident types, differences between internal and external programs, and data-related measures (in progress, planning, waiting for approval). Focus on themes and trends.
Build relationships with business departments by raising awareness about possible damage when security is incorporated from the concept / design stage and when it is not.
2. Determinants of success: essential talent and skill sets
While devising ways to spread security awareness, such as utilizing AR (augmented reality) and VR (virtual reality) for cybersecurity awareness activities, we are also introducing continuous control monitoring that combines automation, data analytics, and AI. valid.
Main measures to consider for fostering a cybersecurity team
Change the way information is transmitted. Talk about business, not technical theory.
Without being bound by the conventional definition of cybersecurity, we will continue to build relationships with other departments within the company and network with related parties within the company.
Incorporate scenario thinking, testing, and response into the normal work of your internal cybersecurity team.
Compliance is an important outcome of the security program you have developed and should not be the reason for your team's existence.
Take on the role of evangelist. Preach the importance of security and increase internal motivation.
Based on the idea that "cybersecurity is one of the important elements of an organization and is imprinted in the DNA of the organization," it encourages a change in awareness about the role of security.
3. Security suitable for the cloud era
Cloud environments require automation from deployment to monitoring and recovery, which inevitably increases the reliance on automation. As cloud computing accelerates, it is necessary to prepare for ensuring the security of in-house data on the cloud, centering on automation tools and protocols.
Major measures to consider to ensure cloud security
Eliminate human processes and automate cloud security, with a focus on deployment, monitoring, and recovery.
A centralized cloud security team will be formed, and the members will be staffed with development personnel, and a general manager with conventional security skills will be assigned.
When using the responsibility sharing model, clarify the scope of responsibility in cloud security between the cloud operator and the user company.
Utilize CSPM tools with preset policy check functions corresponding to various regulations and systems.
Build an incident response process that is linked to your company's wide range of cloud strategies.
4. ID management, which is the central axis of zero trust
It is necessary to adopt a zero trust attitude and architecture, and to place IAM (ID / access management) at the central axis. You need to consider how to most effectively implement a company-wide zero trust architecture and work to develop principles that are consistent with your management and operations priorities.
Main measures to consider for ID / access management
Start demonstrating or introducing passwordless authentication for some use cases.
Make sure your identity program has a sound data and analytics foundation.
Incorporate zero trusts into your overall cybersecurity strategy.
We will focus on enhancing the user / customer experience by creating a stress-free environment that does not require identity verification many times.
Automat security functions and create a system that allows highly skilled professionals to focus on more strategic activities.
The introduction of the zero trust model is a long-term effort, and we are prepared to take time to implement it.
6. Leveraging security automation
Security automation improves security analysts' productivity, reduces incident detection and response time, gains scalability, and enhances control by visualizing risks. It is also important to review in-house human resources and tools, as tools that have already been introduced may include advanced automation features.
Key Measures to Consider for Security Automation
Focus on threats rather than incidents and take the initiative in security automation.
Automate day-to-day tasks and allocate talent and cognitive skills to more important activities.
Utilize in-house human resources who are familiar with the technology and automation owned by the company.
Incorporate security automation at key milestones in SDLC.
When it comes to what you know is feasible, push the limits, don't be afraid to fail, and immediately apply the lessons learned from them.
Avoid over-designing solutions and don't introduce automation tools that don't solve problems or contribute to your business value.
6. Privacy Frontier Protection
Awareness of privacy such as GDPR and CCPA is increasing worldwide, and risk management in terms of both privacy and security is necessary. In addition to meeting regulatory requirements, there is a need to change the organizational culture, such as "privacy first" and "privacy by design."
Key Measures to Consider for Privacy Risk Management
It is important to educate executives and business department managers about why consent is required to collect personal data and what kind of adverse effects will occur on management if consumers' rights are not respected.
Ensure that the priorities and visions of executives and top executives are consistent with the data privacy program, and align the perceptions of all parties at each stage of collection, consent, and use.
Adopt privacy-by-design standard rules to supplement and complement privacy regulations and regulatory requirements.
By incorporating written policies into verifiable business practices, we seek the understanding of consumers and regulators about their efforts to protect consumer rights and data.
Introduce data privacy management technology tools to automate processes, comply with regulations, speed up response, and reduce human error.
7. Cross-border security measures
Having a framework agreed upon with multiple partners, such as third parties, helps minimize risk. In addition to leveraging AI and machine learning to address shadow IT issues and enhance monitoring of third-party SaaS products, the introduction of chatbots and automation of risk management processes are also effective means.
Key measures to consider to ensure ecosystem security
Keep an eye on regulatory requirements as regulations continue to evolve and continue to focus on supply chain security.
Consider CCM (Continuous Monitoring of Controls) as a means of migrating the ecosystem from compliance-oriented to operational-focused security.
In order to strengthen security and have highly skilled security personnel concentrate on strategic tasks, we will seek opportunities to utilize AI / machine learning and automate supply chain security-related tasks.
Don't overlook the control system supply chain. As IT and OT (operational technology) systems merge, it is more likely that attackers targeting business data will exploit the weaknesses of control systems.
Large, resource-rich companies need to take security measures to protect their environment as well as their broader ecosystem and work to build capacity.
8. Review of debate over cyber resilience
To achieve cyber resilience, CISOs need to explain to executives the risks and implications of security breaches and the importance of cyber resilience. With the support and support of executives, finance, marketing and other stakeholders, we will review our core business processes and strategies for business continuity.
Key Measures to Consider for Cyber Resilience
Consider how long you can continue your business if a critical function stops and how it will affect your customers.
Analyze how critical cybersecurity incidents affect supplier dependence.
Discuss cybersecurity and cyberresilience themes at the executive level.
Make sure that the current resilience plan fits the objectives of cyber attack countermeasures and takes appropriate countermeasures.
Remember the humble attitude of admitting that your prior assumptions may have been wrong, and have an alternative plan ready for immediate operation.
Through practical exercises conducted on a regular basis, executives will be able to improve their crisis management capabilities in the event of a cyber attack and clarify their roles.
While emphasizing the basics, we will not neglect to invest in detection ability and quick response / recovery ability.
If your company does not have the capacity or ability, work with the appropriate specialists.
At the end-Consideration of priority fields (IIoT, 5G, AI)
IIoT (Industrial Internet of Things)
The Internet of Things (IoT) for the industrial field will continue to expand, and millions of sensors, devices, and other network-connected terminals connected to the cloud are vulnerable entrances to cyber attacks. There is a risk of becoming. When strategically deploying these devices in environments such as enterprises and smart cities, it is necessary to consider a wide range of items such as personnel, policies, procedures, and technology, as well as issues such as anomaly monitoring, ID management, and zero trust.
5G Networks
5G networks are fundamentally different from 4G in terms of high speed, high capacity, low latency, and overall innovation. It presents different security challenges and requires a very sophisticated security architecture, monitoring and control. Some of these challenges exacerbate the already emerging geopolitical tensions in the supply chain over the procurement of key technology elements and infrastructure.
AI In
the near future, criminals launching cyber attacks may take advantage of RPA, machine learning, and deep learning. Attackers use AI, but there are no boundaries. In the short term, these criminals will use AI to industrialize cyberattacks and gain an ever-increasing advantage. In fact, these movements have already begun and are expected to continue.
 and cybersec…){kind=link}
Comments