Top 8 things CSOs wish they had a solution for
What's keeping you up at night - complexity, data deluge, BYOD?
By Jason Clark, CSO, Websense
October 26, 2012 — CSO —
After a challenging day at the office, many CSOs and CISOs spend their harried nights wishing for a better and easier way to accomplish the tough tasks they face at work. I know I have. I've spoken with a lot of my peers this year and thought I'd compile a list of these wishes and pain points—and provide an opportunity for us to share recommendations on how to tackle these tough tasks.
Here are the top eight wishes I've heard in the last year:
1. We need simplicity, not complexity.There's simply too much going on in our IT worlds. New cloud computing, mobile, and social networking technologies and innovations are flooding our infrastructure. There are so many technologies in our businesses—at best soldered together—but definitely not talking to each other.
Unfortunately it is only getting worse. Declining operational efficiency and effectiveness affects the whole organization. Too many security solutions offer 1,000 features, but most people only leverage 100. To be effective, we need solutions that actually talk, share intelligence, and learn from each other.
2. We don't want to be overwhelmed by too much data and informationFirewalls, AV, IDS/IPS, load balancers, routers, switches, DLP, web security gateways, MDM, email gateways, Active Directory, thousands of applications, thousands of databases, etc. We are overwhelmed with data that we aren't necessarily looking at on a regular basis. I've asked many CISOs: "What value are you getting from your IDS or firewall logs?"
Most responded that they have little to no value because there is just too much data. And it isn't going to scale for the future. Even items like SIEMs are not intelligent. They are complicated to run and they simply turn data into information. But information isn't what we need. You still need to collate and analyze the information to understand what actions to take. Even then, it's going to take more than action lists. CSOs need a guiding compass that provides an effective overall risk management strategy.
3. We need to turn data into wisdom.CSOs need data, so they can use their wisdom to make the best security decisions. To get there, data needs to be translated into information. And that information needs to provide intelligence. Intelligence will help CSOs build their security wisdom. The more intelligence CSOs receive, the bigger the benefit. Unfortunately, many of the solutions I list above aren't translating information to intelligence. They are simply providing information, which leads to reactive actions vs. proactive actions.
4. We need a predictive risk posture view.I'm talking about a pressing need for a risk-based approach that is simple to implement. Most of today's buying decisions are gut-based on old experience and yesterday's threat landscape. And while governance, risk management, and compliance (GRC) solutions exist, usually these solutions are rule-based and are not intelligent, are overly complex, and don't take a data-centric view. [See What's next for GRC?]
Many of the good risk and compliance solutions are also very expensive and few companies can afford them. We need a GRC solution that easier to deploy and manage. As more CSOs partner with others and continue cloud adoption, GRC will be the tool of the future to help manage risk because they will have less and less direct infrastructure control.