Threats on the Horizon: What InfoSec Executives are Facing and How Solution Providers Can Help

The modern Information and Cyber Security Executive faces data security challenges that are evolving every single day. A decade ago the threats were a small handful: DDoS attacks, viruses, and email spam, to name a few. Today, there are dozens—APTs, insider threats, social media attacks, email phishing, malware, ransomware, advanced DDoS attacks … and they have become more challenging as attackers take advantage of refined vectors and exploits. With threats more quickly worming their way into an organization’s infrastructure as data systems have moved away from physical containers, to local digital systems, and now into the cloud, information security teams must work harder than ever before to keep their organizations’ data safe.

Threats on the Horizon

When a group of Information Security Executives® were surveyed* and asked to select what security threats they are currently facing or predict they’ll be facing in the near future, six responses stuck out as the most concerning by a considerable margin: Insider Threats, Phishing, Advanced Persistent Threats (APTs), Ransomware, Malware, and Social Engineering. These attack types plague security teams daily, and while most executives and their teams have strategies in place to help mitigate damage, many are looking for more definitive answers to these issues.

One prominent executive from a financial banking organization commented that even these six only “[represented] the most prevalent risks, but are certainly not the only ones that we face.” Another CISO from the healthcare industry noted that his team has particular difficulty with APTs, Malware, and Ransomware, which he says are “the single biggest contributors to the interruption of services in healthcare.” An executive from a commercial telecommunications company believes the largest and fastest growing issue for information and cyber security is APTs; while Malware is a “never-ending” threat vector that no one has been able to kill off. “In depth-defense is required,” he explained, “As well as reliable products, processes, and people. We need a new way to look at solutions.”

Take a look at some further executive comments regarding the threats they face:

“Phishing is still the number one vector for intrusions into a network; regardless of the other controls in place, without appropriate phishing detection/prevention capability, an organization is still highly susceptible to compromise. It is through this vector that other items are made problematic, especially ransomware.” –Executive from a Payment Processing Organization

“Users consistently get infected by malware, compromising everything from passwords to IP… Antivirus vendors miss probably around 20 percent of these attacks, which means a single solution is only 80 percent effective. That’s not useful security.” –Executive from a Commercial Telecommunications Organization

“All of these are threats that resist a pure “technology” solution. While machine learning and other behavioral monitoring solutions have promise, they can be defeated by a single well written email from the stereotypical lone bad actor smoking cheap cigarettes in a garret.” –Executive from a Financial Organization

“We need a new way to look at solutions.”

Cooperative Effort Required

Executives cannot tackle these threats alone. “I don’t have a silver bullet by any means,” noted one executive. A CISO from a vehicular financial services company explained: “There are always new variants hitting the radar, and all our [current] solutions struggle to stay ahead of the next variant.”

Data breaches, system shutdowns, ransomed sensitive data—it’s a lot for InfoSec executives to handle on their own, which is why they turn to vendors and solution providers for the software, systems, and strategies that can work with them to provide new answers to put them ahead of the game. Security executives are well aware of this fact—an executive from the healthcare industry noted that, for example, his company had been hit multiple times by ransomware attacks. However, he stated that only one attack was successful, and it “was limited in its impact because of the solutions and processes [they] have in place.” Without the software and strategy that vendors can provide, security teams would be up the creek without a paddle.

Many teams already have systems in place with third-party solutions playing a role, but as the threat landscape changes, so must their security solutions and strategy. A leading executive from a telecommunications company explained that his team needs solutions that are up-to-date, successful, and work seamlessly with the other products and systems in place:

“Our success handling the major threats we see has come from creating a ‘Security Ecosystem’ where our products can work together, sharing information, enriching the data, and providing better visibility. Solutions and software need to be able to fit together like the pieces of a jigsaw puzzle. Some products just don’t fit together with the rest—those, we get rid of.”

 “Some products just don’t fit together with the rest—those, we get rid of.”

Seeking the Right Solutions and Providers

Security executives know they need to utilize the solutions provided by vendors, so third-party providers need to do their part by listening to their targets’ and clients’ top concerns and addressing them. It can be a struggle to gain the attention of these executives when they consistently speak to so many providers, but those who succeed are the ones offering the tools to take on their major concerns. Executives participating in the survey were asked a final, crucial question: What type of solution do you want to see for addressing these issues? For solution providers and vendors to succeed in building relationship with information and cyber security executives, this is a critical question they should be asking their targets and clients regularly. Solutions that don’t directly address the needs of these executives are harder to sell, won’t integrate as well with their systems, and are less useful in the long run.

 “Solutions that don’t directly address the needs of these executives are harder to sell, won’t integrate as well with their systems, and are less useful in the long run.”

One CISO said that he didn’t believe there was a single type of solution for handling the threats he and other executives face today, instead requiring “a multitude of various solutions… such as network IDS/IPS, end detection and response, network monitoring, etc.” Another from the financial industry agreed, adding that such a “multi-layered” approach would need to “dynamically [adapt] to changing technologies and threats.” As a previous executive noted, software and products need to mesh well together to be effective in a security team’s strategy—if your solutions aren’t “cooperative,” they aren’t useful.

Other executives offered more specific needs in their responses. One executive was very interested in the utilization of APIs, built-in integrations, and niched focus (in other words: providers’ solutions should not be a blanket, do-it-all tool, but should instead focus on what it’s good at). Another financial industry security executive believed AI and machine learning tools had the most promise in addressing current and future cyber attacks. However, he felt that these tools should also provide a mature form of gamification and immediate feedback for productive use. In particular, his largest need was stated in a form of criticism: providers need to stop obscuring vital threat data from their userbase.

“One of the most critical [issues in solutions we need] is that the developers of everyday software need to stop hiding the information that the end user needs to be successful in detecting a threat. When the software hides or removes the very information that the end user needs to understand the threat it almost makes them complicit in the threat.”

Transparency is one of the most significant keys in a productive relationship, even in the solutions themselves.

Initiating Customer Relationships

Information Security Executives® are facing a continuous wave of cyber attacks and threats on a daily basis, and they do need the help of effective, highly adaptable, unique tools to get the job done. These leaders are more than willing to share what issues they struggle with and what they need out of a relationship with a solution provider—they want to use your products if they can help their team succeed. So, it follows that the providers need to listen to those needs and focus their efforts on addressing them. Bring your solutions to the table and stand out among the rest by understanding their issues; learning what they want out of the relationship; knowing what tools they have in place and how yours can integrate and adapt to their environment; and showing that your solution can meet all of those needs. Initiating conversations with that impressively solid foundation of knowledge and action will give you the jumpstart your team needs to build successful solutions and establish long-lasting customer relationships.

If you’re an Information and Cyber Security solution provider and need a time and place to utilize this knowledge provided here about InfoSec executives’ top concerns, consider signing up to sponsor one of T.E.N.’s five major ISE® Programs or any of our ISE® Private Dinners, held in over 42 cities across the U.S. and Canada. For more information on these and other sponsorship opportunities, visit our website or contact our sales team at sales@ten-inc.com today.

*Editor’s Note: Data and executive opinions were collected from T.E.N.’s ISE® Engagement and Interest Questionnaire. Names have been omitted for the sake of anonymity. Copyright T.E.N. 2017.