What Should Chief Security Officers Ask Santa For This Christmas?

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

It’s the one time of the year when chief security officers can ask Santa for a little bit of help. But what exactly should they be asking for? Here are a few suggestions.

Andrew Conway, security researcher at Cloudmark

I’m sure more funding is always the CSO’s first request but they can also look to ask Santa for security conscious employees and investment in the right tools to tackle today’s and tomorrow’s breaches!

Many company data breaches begin with a single phishing or socially engineered attack, where employees have clicked on a ‘trusted’ link that has requested further personal information that can be used for financial or malicious intent.

Security-Savvy Employees: A way of preventing these breaches is through rigorous security training for all employees and for employees to retain and refresh their security understanding year on year.

The Right Tools: Furthermore, to help the CSO, a comprehensive set of tools that can detect breaches in real-time to minimise their impact, an IT infrastructure that compartmentalizes systems, so that if a data breach does occur in one particular area – it does not compromise and snowball into another.

Email and Message based threat prevention: Messaging security tools are a must in preventing data breaches as many attacks can begin with an email message. A security solution that automatically detects and blocks all forms of inbound and outbound messaging abuse before it can impact subscribers, helpdesks, networks and infrastructure would make the CSO’s 2015 very merry!

DNS security and monitoring: These are vital tools in detecting data breaches and preventing data exfiltration. They can be used to detect infected computers by looking for unusual activity such as the use of a domain generation algorithm, DNS tunnelling, or access of known malicious command and control servers. They can also help prevent DDoS attacks such as resource exhaustion and DNS amplification.
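A sketch of the DNS signals named above, added here as an illustration and not taken from the article or any contributor's product. The log format (`client qname rcode`), the thresholds and the blocklist entry are assumptions chosen for the constructed sample.

```python
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a label, in bits per character."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def analyse(lines, blocklist, dga_min=3, tunnel_min=3):
    """Return {client: [reasons]} for lines of the form 'client qname rcode'."""
    dga = defaultdict(set)     # client -> random-looking names that did not resolve
    tunnel = defaultdict(set)  # (client, parent) -> distinct long leftmost labels
    findings = defaultdict(set)
    for line in lines:
        client, qname, rcode = line.split()
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 2:
            continue
        parent = ".".join(labels[-2:])  # naive; production code needs the Public Suffix List
        if parent in blocklist:
            findings[client].add("known-c2")
        if rcode == "NXDOMAIN" and len(labels[-2]) >= 12 and entropy(labels[-2]) >= 3.5:
            dga[client].add(parent)
        if len(labels) > 2 and len(labels[0]) >= 30:
            tunnel[(client, parent)].add(labels[0])
    for client, names in dga.items():
        if len(names) >= dga_min:
            findings[client].add("possible-dga")
    for (client, _parent), subs in tunnel.items():
        if len(subs) >= tunnel_min:
            findings[client].add("possible-tunnel")
    return {client: sorted(reasons) for client, reasons in findings.items()}

# Constructed sample log, not real traffic.
SAMPLE = [
    "10.0.0.5 qzxkvbnwjtpl.test NXDOMAIN",
    "10.0.0.5 hgfdrtyuwqzx.test NXDOMAIN",
    "10.0.0.5 mxcvbqwplkjz.test NXDOMAIN",
    *[f"10.0.0.6 {'ab12cd34' * 4}{i}.t.example.net NOERROR" for i in range(3)],
    "10.0.0.7 update.bad-c2.example NOERROR",
    "10.0.0.8 www.example.com NOERROR",
]
BLOCKLIST = {"bad-c2.example"}  # placeholder entry, stands in for a threat-intel feed

if __name__ == "__main__":
    for client, reasons in analyse(SAMPLE, BLOCKLIST).items():
        print(client, reasons)
```

Counting per client rather than flagging single queries keeps one odd-looking lookup from raising an alert; the thresholds would need tuning against real resolver logs.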

Ian Trump, security lead at LogicNow

I’ve been a good CISO. I’ve worked hard to safeguard my employees and customer data. If I can ask for one thing Santa – Please don’t let hackers destroy my company in 2015. I promise to be vigilant and spend money wisely. If you could see it in your heart to create a one minute webinar that asks folks to stop clicking on malicious links, or opening strange attachments that would really help. They may not listen to me, but they just might listen to you.

Tim Eades, CEO of vArmour

Santa may specialise in travelling south from the North Pole, but CISOs should be asking him for a way to provide visibility, control and threat defence against cybercriminals who specialise in travelling east/west within the data centre! With legacy security perimeter solutions failing to stop security breaches and laterally moving threats in the new mobile, cloud and virtual world, CISOs can break the cycle of malicious attacks and security breaches by deploying a distributed security layer of visibility and control across virtual, cloud and physical applications, thus filling the traditional protection gaps inside the data centre. This new approach will help enterprises better understand an attack’s progression across the entire network, identifying both the extent of the compromise as well as “Patient Zero” – the attacker’s point of entry into the network.

Kevin Burns, head of solution architecture at Vodat International

  • More resources
  • All my data in one place
  • Fewer attack surfaces
  • A ban on social media
  • Stronger defences
  • No Wi-Fi, no Bluetooth, no mobile
  • Time to understand the results of our scans
  • More time to scan
  • Even more time to react to results
  • All my data in one place
  • Remove business reliance on sensitive data
  • Outsource card processing
  • Ban emails
  • More system upgrades, on fewer systems
  • All my data in one place
  • Withdraw third party remote access
  • Less legislative interference
  • A way to remove any effectiveness of malware
  • Genuine staff security awareness (not just because we made them do the course / read the book)
  • Oh, and did I say, all my data in one place (so I can keep an eye on it)

François Amigorena, CEO at IS Decisions

2014 has been the year of the security breach, and as any CSO will know the majority of breaches occur from within. Employees are, unfortunately, generally every organisation’s weakest link, so for Christmas this year the CSO should be looking for any tool available to help strengthen that vulnerability.

Easier said than done of course, but granular level user access restrictions and tools for monitoring are essential. As is the ability to educate users, messages and prompts that alert them to when they have committed bad security practice, such as attempting to use their network login in more than one location.

We all know that when it comes to buying Christmas presents, you need to move fast – especially if you want to order everything online. No one wants to leave it to the last minute!

The same goes for internal security. CSOs know that when login credentials have been compromised, it’s only a matter of time before an attacker can start stealing sensitive company information. And the longer you leave it, the worse it could potentially get. So a tool that gives CSOs the ability to track and monitor user behaviour in real time, and then react to anything suspicious immediately, is an essential for the metaphorical Christmas stocking.

Tony Larks, director of marketing EMEA at ThreatMetrix

Santa, Ceasefire!

Failing that, I’d like a global approach to defence from cyber criminals and fraudsters through sharing threat intelligence in real time. So that if the enemy is not willing to agree a ceasefire, I’d benefit from being able to protect my customers, employees and shareholder value.

Mark Edge, UK country manager at Brainloop

Employee behaviour continues to be one of the biggest IT issues facing organisations today. This is underlined by a recent IBM study that found that 95% of all security incidents involve human error. And according to TrendLabs, 56% of employees frequently store sensitive data on their laptops, smartphones, tablets and other devices. For companies this could result in confidential and sensitive files ending up in the wrong hands, intellectual property being compromised and, if regulated data is involved, there may be financial penalties.

For Chief Security Officers, who are ultimately responsible for data security, at the top of their Christmas list should be something that eliminates the element of human choice that can lead to data or document loss. There are lots of consumer-focused cloud storage products like Dropbox but these can be accessed with ease if controls are not put in place. Rather like a picky teenager being prescriptive about the make, model and functionality of the smartphone he or she wants for Christmas, Chief Security Officers should be equally specific with their file-sharing tool. For optimum security it has to be an enterprise-grade secure collaboration solution that provides document level control (e.g. preventing downloading, sharing or printing) and tracking that enables them to put the right levels of control in place, yet still deliver a seamless and simple user experience.

Bruce Jubb, head of EMEA, SecureAuth

This Christmas CSOs should be asking Santa for staff who are vigilant with their email and pay close attention to suspicious messages. At this time of year attackers take advantage of the high volume of online shopping and our haste in an attempt to perpetrate email fraud and steal credentials and other sensitive information, just like the Grinch stole Christmas. This even applies to mobile devices that may be connected to corporate networks.

The Department for Business Innovation and Skills found that 58% of large organisations and 22% of small businesses suffered staff related data breaches over a single year, so this should really be number one on any CSO’s Christmas list.

Charles Sweeney, CEO at Bloxx

If I were a CSO, then on my list to Santa would be:

1. Please, please, please could people adhere to our password policy?

2. Please could the elves magic up some great new recruits for my team?

3. If you could possibly sit on a prolific hacker’s computer and break it whilst stuffing his stocking, that would be much appreciated

4. I’d like immunity from any breaches in the coming year

5. I’d love a holiday. One where the CEO doesn’t constantly phone me asking about whether he should be worried about Patch Tuesday or some new piece of malware

Catalin Cosoi, chief security strategist at Bitdefender

Chief security officers (CSOs) should start their letter to Santa with a long list of “DON’Ts.” First of all, they should ask Santa not to bring too many cyber-attacks and seasonal hackings, so they can spend their holidays with their families, and not their servers.

CSOs should also ask Santa for no data leaks, no new zero-day vulnerabilities, no more encryption-related bugs, and no lost or stolen devices in the company.

CSOs should also wish that their non-technical colleagues choose stronger passwords, which will no longer be featured in the “top 10 scariest passwords of the year.”

Santa should also bring CSOs fewer infected USB devices, and not as many BYOD problems. Another Christmas wish could be an efficient and affordable enterprise security solution to allow CSOs a quiet holiday and a safe new year.

Orlando Scott-Cowley, cloud security expert at Mimecast

The one key present on the Christmas lists of CSOs will be the power to get instant buy-in from the board. For too long we’ve been learning how to get justification and budget for essential security projects. The time must come when the board start to take security more seriously and allocate budget based on risk, threat and potential damage; rather than red-lining new spending in these areas, or even worse, lumping them in with general IT spending. Getting buy-in from the board requires communication skills, careful forecasting, accurate budgeting and importantly buy-in from all other parts of the business. All of this continues to slow down the progress and impact a CSO can make, and take up their valuable time – especially when the threat to the business is only getting worse. CSOs should be concentrating on how to protect their assets, rather than working out how to play the political system internally. CSOs have to fight their corner far too hard, and far too often – perhaps Santa could make their lives easier for them.

Wieland Alge, VP & GM of EMEA at Barracuda Networks

More firewalls. Why? Because when it comes to firewalls both quality and quantity are vitally important.

In order to do their job properly, the CSO also needs to know the business’ wider business objectives. With this they’re equipped with the information required to make the right security decisions.

The threat vectors the CSO must consider very much depend on the what, where and when nature of the attack surface. Exposure to the ‘bigger picture’ will enable them to explain the benefits and key requirements of a firewall to his/her CEO when building a case for the budget required to purchase it.

Today, a modern firewall within a business’ internal infrastructure, outer perimeter and cloud-based IT is a given. But, when it comes to overall network security it’s not just about having one quality firewall. In the case of the firewall, quantity is an extremely important factor to take into consideration.

James Leavesley, CEO of CrowdControlHQ

With current estimates indicating that over three-quarters of people in the UK have social media accounts and the Office of National Statistics stating that 76 percent of adults access the internet every day, chief security officers should hope to find a robust social media risk management and compliance platform in their stockings this Christmas. But not just any old solution will do. The discerning CSO will want a risk and compliance platform that takes a dual approach to social media management by enabling users to manage “crowd” engagement across multiple social media channels; plus the ability to control outbound social media communication from the enterprise, via tiered passwords, audit trails, advanced moderation features and listening tools.

To avoid sleepless nights the new social media risk management and compliance platform should also arrive already penetration tested and from an established UK company with strong credentials and UK customer references and support. What more could a CSO want? 

George Anderson, director of Product Marketing at Webroot

Over 40 percent of all the new malware ever seen has been recorded by AVTest.org in 2014. Breaches are up with nearly all the large retailers in the US compromised and also the US’s largest bank JPMorgan Chase.

The latest attack on Sony is a prime example of the real corporate damage being done and attackers’ sophistication.

So my CSO asks from Santa this year are:

1. Please don’t let it be me in 2015, but let me be prepared. (It’s not if, but when?)

2. Give me the security skills/expertise to lock down my infrastructure, increase visibility and implement more proactive incident response. (You cannot fight what you cannot see/imply.)

3. Give me secure, fool-proof disaster recovery and back-up for my high value assets. (Business continuity is an imperative.)

4. Let me baseline profile and secure infrastructure using real-time endpoint security intelligence. (There are new ways to stop APTs.)

5. Make the Internet work for me by providing the real-time security intelligence I’ll need to prevent successful attacks. (I need the help of the emerging real-time cloud security intelligence providers.)

Mike Langley, regional vice president of Western Europe and South Africa at Palo Alto Networks

This Christmas Chief Security Officers should be asking Santa for a true platform-based approach to security in the form of a single, integrated platform that ‘does it all’, doesn’t require users to take a performance hit, and can be used anywhere from data centres to the cloud. In 2015 we’ll see vendors phasing out standalone intrusion prevention system (IPS), firewall and/or unified threat management (UTM) security solutions.

Daniel Foster, co-founder and technical director of 34SP.com

Following a string of high-profile attacks on websites recently, ranging from smaller businesses to giants like Sony having unreleased movies stolen, high up on every chief security officer’s Santa wishlist should be a few items to ease their worries at work.

You can never have enough backups, and a well thought-out backup strategy is an investment that you can’t afford to do without. Of course, the hope is that you’ll never need to use this strategy, but the peace of mind to be had in knowing that your data isn’t lost if the worst happens is hard to put a value on.

What’s more, you should really ask Santa for a web hosting company that monitors your site 24/7 and responds to any outages before you even become aware of them. Ask to see some uptime reports if you can. If they can’t provide any, or you want to verify what they’re telling you, there are plenty of tools around the Internet that you can use.