CISO’s and Cyber Threats: a Silver Bullet or a Golden Strategy?

Rocky DeStefano explains the new challenges facing CISO's today.

SHARE

The perennial challenge for C-Suite executives around technology is whether to seek out a solution which can be “patched” in that solves business challenges, or to create a platform within the business that takes advantage of pre-existing assets and seeks the solution through process.

To build? Or to buy?

For Rocky DeStefano, a Cybersecurity Subject Matter Expert at Cloudera, this challenge is what a new wave of Chief Information Security Officers (CISO) are currently faced with when looking at how to combat cyber threats.

“The number one challenge that CISO’s have right now is that when they go to industry events, every company in the space is messaging their capabilities around data, data management, analytics, and machine learning.”

“They’re in a challenging position more than [any other CxO] and are inundated with the message that the answer is in data. They’re looking for a way to cut through the fog.”

Coming to Australia for a series of security events in August, Rocky’s role sees him connect with a variety of CISO’s around the globe from a variety of different industries. From his perspective, effectively responding to cyber threats starts with giving your business an opportunity to
understand its data.

Rocky DeStefano, a Cybersecurity Subject Matter Expert at Cloudera, is coming to Australia in August.

Going from Reactive to Proactive

“Responding to modern cyber threats is about ensuring your business is moving from a reactive state to a proactive state.”

This proactive state is where DeStefano believes CISO’s and their team can have full contact with everything that is going on.

“Being proactive is about having the capability and the bandwidth within your organisation to equip humans with technology to combat what  is a largely human adversary.”

DeStefano believes this 360-degree view of a business and its data is fundamental to creating a robust cyber strategy. Cloudera’s employees, “Clouderans”, work with a variety of different organisations in making this foundation a reality.

In driving a proactive culture within a business, DeStefano believes that ultimately business will have an opportunity to respond with a vision to enhance systems and processes, whereas taking a reactive approach only lends itself to the moment.

The Machines Are Coming

DeStefano believes that a major benefit of building a proactive foundation for cyber security is having the ability to take advantage of new technologies that will offer even greater insights. Although in its early stages, one of these technologies is machine learning.

“What machine learning holds is the promise for to be able to establish a baseline behaviour based on complete enterprise visibility including every user, every endpoint, and every system.

Once you’re able to establish those baseline models for everything that’s going on within an environment it’s very easy to quickly detect patterns and anomalies.”

It is in the ability to be able to identify broader sets of patterns and anomalies that machine learning can contribute to the cyber security challenge. Cloudera calls this “Phase 3” of an organisation’s data development, when an organisation has the ability to harness intuitive technology via a robust data management platform.

DeStefano says that organisations need to take advantage of new technologies, especially machine learning.

With so much investment being made in machine learning and artificial intelligence, building a platform which acts as a springboard for these technologies would appear to be the type of adaptive environment that both the CISO and the CIO need in order to have an edge in cyber security.

DeStefano likened creating this platform to creating an “ecosystem” within your business. The data platform is the mother ship, with a plethora of innovative applications able to be integrated into it, much like what DeStefano believes Salesforce has done in the CRM space.

Security for Government

In discussing the particular vertical of Government, he noted that Government agencies have some of the largest datasets in the world. From analysing that data, intelligence is being derived at a very sophisticated level.

In coming to Australia, DeStefano hopes that he will be able to extrapolate on this within the context of Australia’s Government Agenda.

“Cyber security is definitely something that’s on the radar for the Australian Government, right from the top via your Prime Minister. However, from a data perspective, many systems remain siloed.”

DeStefano also noted that he looks forward to exploring how Government agencies can look at the culture of data management and how much of an impact that can have in creating real business outcomes.

“Outcomes start with gaining buy-in – you need to build that culture of data management. From that point forward, you can then look to work your organisation into the second and third phases of your data journey.”

“Responding to modern cyber threats is about  moving your business from a reactive state to a proactive state.” – Rocky DeStefano

Securing the Future

So when looking at how, whether to buy, or to build, DeStefano concludes that in order to create a robust, scalable platform for the future, the investment in a platform is essential:

“The CISO needs to think, ‘do I need an analytic perspective for just now? Or do I need to commit long-term to a data platform that enables all these different things like machine learning?’”

For the future safekeeping of one’s business, DeStefano believes in the latter. And in order to do that, Australian enterprises and Government agency CISO’s have to start thinking big picture, as opposed to buying a bunch of silver bullets.

Cloudera delivers the modern platform for data management and analytics, providing the world’s fastest, easiest and most secure data platform built on Apache Hadoop. To learn more about the cyber security solution Cloudera offers, please click here. To contact Cloudera for further discussion, please click here.