Story image

Security: A miserable job?

11 Jan 2019

Article by ServiceNow chief information security officer Yuval Cohen

The security sector is a tough industry to be in – when all processes are running smoothly, security professionals are invisible. However, the moment something goes wrong, all blame is focused squarely in their direction. 

Third-party and in-house cybersecurity experts have a ton of responsibility. They work within a complex environment with real-world consequences. With a number of high profile data breaches reaching the public domain this year – with SingHealth and Securities Investors Association Singapore being the most recent targets of cyber attacks – security has quickly become one of the biggest concerns of organisations. Still, it’s easy to misunderstand the purpose of what security professionals do and see these growing procedures as an obstacle to productivity. 

It’s fair to say, in a lot of ways, this has the potential to be a very miserable job — even though it’s great in so many ways. 

A pack of sheep surrounded by wolves

State-sponsored attacks, ransomware, fake news, and targeted misinformation are all tools of war in the information age. Many of these attacks aren’t even reported by the press or known by outsiders. According to a study by ServiceNow and Ponemon Institute, Singapore organisations surveyed spent an average of 18,096 hours per year and USD $ 1,359,375 per year preventing, detecting and remediating vulnerabilities. 

The security industry can be the proverbial pack of sheep surrounded by wolves. As such, security professionals often stick together, even if they are rivals. Versus the ‘us against them’ mentality, it’s quite common for a financial firm’s security officer at a rival company to reveal they encountered a weird virus and offer to send samples or compare case studies. 

The balance of power in the equation is so lopsided when protecting data that everything security professionals do to help each other, helps the good guys. By working with peers, sharing best practices and insights empowers security teams to do a better job in defending organisations. 

Task overload

For security teams, a big part of the challenge is simply being overwhelmed by workflow management. It’s difficult to allocate resources between detection and operational capabilities, and to find the right blend of defensive and offensive posturing. 

Further, Singapore-specific insights from the ServiceNow and the Ponemon Institute revealed that: 

• 60% respondents said their organisations were at a disadvantage in responding to vulnerabilities because they still use manual processes; 

• More than half (54%) agreed that IT security spent more time navigating manual processes than responding to vulnerabilities, which led to an insurmountable response backlog and; 

• 68% attributed delays to lacking a common view of applications and assets across security and technology teams 

Getting in front of the challenge

At the end of the day, there will always be employees who open email attachments from strangers, choose obvious passwords, or use insecure communications unless they are prevented from doing so, or if technology paradigms change. Anticipating such actions to continuously take place allows security teams to be more equipped, organised and forward-looking. 

The urgency to adopt new approaches is increasing. Organisations in Singapore can apply automation to create a robust, efficient and effective security hygiene model. If a target has robust defenses, or presents more hassle to infiltrate than it’s worth, odds are the bad guys will move on to something else. More, little things such as establishing continuous tracking software patches, detecting irregular login patterns, and making it easy to report phishing attacks go a long way. 

Seamless processes are even more critical in a rapidly changing work environment. Multi-cloud environments mean it’s easier to pass the buck on blame for attacks. The rise of BYOD and shadow IT mean that new attack vectors show up every day, and security and IT have to be in constant communication. 

With the right steps, this doesn’t have to be a miserable job. Keep the lines of communication open with fellow security leaders, find signals and anomalies that matter in the endless data noise, and advocate for security experts everywhere. Getting in front of the challenge makes all the difference. 

Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.