Connect with us


CISOs prioritizing response, recovery outperform zero-tolerance approaches

Chief information security officers (CISOs) who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, according to Gartner, Inc.

“Each new cybersecurity disruption exposes the fact that CISOs manage more through adrenaline than intention, which is unsustainable,” said Dennis Xu, VP Analyst at Gartner. “CISOs need to be resilient through intention, rather than adrenaline, if they want to thrive.”

“The industry has made incredible strides on the prevention side of things, but response and recovery remain under-developed muscles because of the industry’s zero tolerance for failure mindset,” said Christopher Mixter, VP Analyst at Gartner. “In an era where successful cyberattacks are increasing in volume and impact despite preventative cyber investments, organizations must augment their approach to elevate response and recovery to equal status with prevention.”

To begin the journey toward augmented cybersecurity, Gartner’s label for a cybersecurity function that has elevated response and recovery to equal status with prevention, CISOs should prioritize three areas of activity: building cyber fault tolerance in the business, streamlining to a minimum effective cyber toolset, and building a resilient cyber workforce.

During the Opening Keynote of the Gartner Security & Risk Management Summit, taking place here through Wednesday, Mixter and Xu outlined how to rapidly make progress toward becoming augmented cybersecurity organizations via these three areas.

Build Cyber Fault Tolerance In the Business

Gartner recommends that CISOs work to build cyber fault tolerance into their business by focusing first on two areas of business activity where preventative cybersecurity measures are very visibly underperforming: generative AI (GenAI) and the use of third-parties.

For a rapidly evolving technology like GenAI, it is impossible to prevent all attacks at all times. The ability to adapt to, respond, and recover from inevitable issues is critical for organizations to explore GenAI successfully. Therefore, effective CISOs are complementing their prevention-oriented guidance for GenAI with effective response and recovery playbooks.

Regarding third-party cybersecurity risk management, no matter the cybersecurity function’s best efforts, organizations will continue to work with risky third parties. Cybersecurity’s real impact lies not in asking more due diligence questions, but in ensuring the business has documented and tested third-party-specific business continuity plans in place.

“CISOs should be guiding the sponsors of third-party partners to create a formal third-party contingency plan, including things like an exit strategy, alternative suppliers list, and incident response playbooks,” said Mixter. “CISOs tabletop everything else. It’s time to bring tabletop exercises to third-party cyber risk management.”

Minimum Effective Toolset
One of the places that the zero tolerance for failure mindset is most embedded is in cybersecurity’s approach to technology.

“CISOs keep old gear past its sell-by date while also rushing to add new tools without fully understanding the added cost and management complexity they bring,” said Xu. “CISOs must break the cycle of gear acquisition syndrome that inhibits their ability to thrive by embracing an ethos of adopting the fewest number of tools required to observe, defend and respond to exploitations of the organization’s exposures.” Gartner

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Copyright © 2024 Communications Today

error: Content is protected !!