Last month, I attended our biggest-ever Cisco Live Melbourne that saw over 8,300 people registered. It was an action-packed week filled with partner and customer meetings, media engagements, analyst dialogues, and coffee, lots of coffee.
They say it takes a village to pull something this incredible off, and I have to agree. We kicked off the week with our Cybersecurity Innovation Day. It was an exclusive one-day thought-leadership platform for our partners and customers to deep-dive into the skills, processes and technologies to manage security risks, improve agility and operational efficiency with key global and national cybersecurity specialists from Cisco. I also had the honour of addressing over 200 partners with my colleagues from Cisco, TALOS and Duo to share our latest cybersecurity innovation, strategy, and most importantly, to thank them for the success we achieved together over the last 12 months.
Among the engagements and activities, here are five key topics that dominated the conversations I had, which are shaping security professionals’ agendas.
Orchestrated Response Over Kneejerk Reaction
We are seeing security professionals focused on being prepared rather than responding to cyberattacks with a kneejerk reaction. As cybersecurity is recognized and accepted as mission critical to organizations’ ability to transform themselves and compete in the market, we are seeing CISOs focusing on getting the right threat response framework in place to ensure they are not playing catch up when an attack hits.
Our latest CISO Benchmark Study echoes the on-ground sentiment at Cisco Live. Security professionals are changing the way they measure their success based on security outcomes, with many respondents moving toward remediation as a key indicator of security effectiveness. More security leaders are now focused on time to remediate than time to detect, and the metric has risen in popularity as a success metric globally—48 percent of respondents in Asia Pacific cited this, compared to 36 percent in 2018.
However, while security is moving from the server room to the board room, CISOs struggle with translating complicated technical jargon to senior executives at the board level who are not technically savvy. To effectively integrate security as part of a business strategy, security professionals need to be prepared to answer questions from the board in terms that are meaningful and that also outline business implications.
Talent Shortage Continues to Keep CISOs Up at Night
Another challenge that remains top of mind for many security professionals is the cybersecurity talent gap. According to a Cybersecurity Workforce Study by the International Information System Security Certification Consortium, the Asia Pacific region is experiencing the biggest workforce shortage in cybersecurity at about 2.14 million.
Asia’s shortage is attributed to the region’s growing economies and the enactment of new cybersecurity and data privacy legislation. Aside from finding talent, the industry is also struggling with retaining talent and providing cybersecurity teams with the right tools to get the job done when talent is in place.
It is important to understand that collaboration among the different stakeholders–from governments, to companies and educational institutions–is essential as no one can solve these issues alone.
One way Cisco is playing a role is through our Network Academy, an IT skills and career building program for learning institutions and individuals worldwide. Specific to security, the academy has trained 90,000 students globally–10,000 in Asia Pacific, with programs ranging from introductory cybersecurity courses, to advanced cybersecurity courses focusing on how to monitor, detect and respond to cybersecurity threats.
Securing a Multicloud Environment
As businesses digitize, the flexibility, productivity and cost savings benefits of cloud apps have fueled widespread adoption across Asia Pacific. 95 percent of respondents in Asia Pacific said that moving to the cloud has increased their efficiency compared to operating with on-premises solutions.
However, the pervasive adoption of cloud is adding to the complexity that CISOs face when it comes to protecting workloads in a multicloud environment. Many CISOs whom I interacted with expressed challenges with having the same level of control in a multicloud environment as they have with their on-premises infrastructure.
The complexity boils down to a lack of visibility into the behavior of users, the disposition of data, and the network. To address these challenges, CISOs need a complementary, coordinated approach to security across networks, endpoints, and the cloud that assesses risks across multiple cloud environments; tools designed to provide visibility, analytics, control, and responsiveness in a multicloud environment; and knowledge of what the cloud service providers provide, and what they don’t provide, so businesses can protect, react, and respond, no matter where their data, applications, and workloads reside.
Interest and Appetite for Integration and Automation
Another hot button topic that dominated many conversations I had is around integration and automation. This is no surprise considering the complex security vendor environment that many security professionals are in today. Our latest CISO Benchmark Study found that 93 percent of respondents in Asia Pacific said it was somewhat or very challenging to orchestrate cybersecurity alerts from multiple vendor products, higher than the global average of 79 percent.
As cybersecurity professionals find themselves wearing multiple hats, they are increasingly in search and need of a comprehensive security environment in which the solutions are integrated and can work together to defend against potential attacks.
A key component of our integration is Cisco Threat Response (CTR). Threat Response is built upon a collection of APIs; which can be used to integrate Cisco and third-party security products, automate the incident response process and manage threat intelligence and security context data in a single location.
Increased Focus on Protecting the Endpoint
The final recurring topic among my conversations at Cisco Live is protecting the endpoint, especially as today’s modern work environment adds another layer of complexity to security. With people on and off the network as they work in the office or remotely, businesses need a security approach that protects an individual’s identity.
This has led to an increased interest in multi-factor authentication (MFA). With MFA, a person’s username and password are not enough to assume an individual’s identity, and the risk of a hacker getting access to critical data is significantly reduced. However, beyond user-device trust, businesses must ensure trusted access across workforce, workload and workplace.
It is without a doubt that the cybersecurity landscape is constantly evolving. However, the industry is heading in the right direction and I’m highly encouraged by the conversations and discussions that I heard last week.
To successfully transform and compete in today’s business environment, it is important for organizations to ensure that their networks are able to scale optimally to meet the growing demand, they are secure to provide safeguards against any cyberattacks, and can use automation to deliver services in an efficient and productive manner.
Over the next two months, I’ll be diving deeper into some of these topics, where we’ll get to hear from industry experts and explore the challenging environment that CISOs operate in, and the role we can play to help empower CISOs.