EXECUTIVE SUMMARY:
Mark Ostrowski is Head of Engineering, US East, for Check Point Software, a global cyber security company. With over 20 years of experience in IT security, he has helped design and support some of the largest security environments in the country. Mark actively contributes to national and local media discussing cyber security and its effects in business and at home. He also provides thought leadership for the IT security industry. In this second interview of our two-part interview series, Mark offers engaging insights into the current threat landscape and how to approach security amidst the ‘new normal’. Find out about key questions to ask your teams, business alignment tactics, and what to look for when hiring in IT. Did you miss part 1? Click here.
What kinds of questions should C-levels ask of their cyber security teams right now?
Email-based phishing attacks account for over 80% of malware deliveries that affect organizations. We’ve been trying to solve email security problems since the beginning of us checking email. So, first, I would have any C-level start by looking at how they are preventing phishing. Then, C-levels should look at ransomware and credential reuse.
In addition, C-levels should think about the following:
- What does our native cloud security posture look like?
- Have we thought about creating a table-top exercise around a potential ransomware attack?
- A potential DDoS attack?
- How are we securing cloud infrastructure/applications natively?
Those are some of the basic questions that I would ask, because those would cover the majority of what we see from a research perspective.
What’s the best way for cyber security teams to align with C-levels and management?
In terms of aligning security with business, I think you have to look at the business you’re trying to protect. Let’s talk about hospitals and healthcare. That’s obviously pretty important right now.
The goal of a hospital or a health organization is not to have the strongest cyber security program. The goal is to provide the best care for their patients. A CISO for a hospital or a healthcare organization, in my opinion, has to grow a security program that provides the best environment for the hospital to give the best care to their patients in the most secure way. Don’t get me wrong, cyber security and strong patient care do go hand and hand.
I think that when CISOs take that approach, and they can give the best care to their patients, then you have the best security program possible. Security and business are aligned.
The other thing is that it’s very important to break down security issues into common terms that everybody understands. I think that when you talk about solving security problems, but you make an analogy that everyone can relate to, then you bridge that gap between technology and implementation.
In general, among IT professionals and cyber security experts, which security skills are most needed right now? What should organizations look for when hiring?
If I were to give anyone advice on where to start right now, it would be 100% cloud-based, and I would focus on security automation. So household name brands, like Terraform and Ansible, for example. Understand how those technologies and how automation and orchestration fit into your public/private cloud infrastructure. That is the area that continues to be the least mature in a very mature security market.
Further thoughts: I think that one of the biggest challenges right now is that there’s so much noise relative to how to fix the problem of cyber security. The reaction to this noise can cause a visceral reaction to add more technology. Very often organizations do not look inside first with technologies they already own and leverage these products fully. Technology and business leaders should strive to do what’s best for the company fiscally and in terms of cyber security, by trying to avoid being persuaded by outside factors.
