As cyberattacks increase in number and severity, it’s important to stay up to date on the latest technology solutions and best operating practices.
Matthew Trushinski, vice president for product marketing at Arctic Wolf Networks and Patty Ryan, senior director and chief information security officer at QuidelOrtho, joined CyberScoop to give their insights on how organizations can prepare for cyber threats with proactive readiness.
“Getting proactive is everywhere from having a plan — to having technologies, policies, procedures and people in place to be able to respond that … all the way to having technologies bought and integrated and attack surface visibility to make sure that you understand how someone might get in your critical assets, what they might obtain, and how you would react to and keep your either business or organization running during that time,” says Trushinski.
Ryan says that “preparedness” is not only about technology and IT but the people. She says it’s essential to ensure “leadership understands their role in governance and accountability with regards to security, their need for supporting the security program, and understand that they are part of the toning culture, of a security by design across the organization.”
She also shared that QuidelOrtho regularly holds tabletop exercises and most recently held one of their chief executives. She says it was “eye-opening for them to see how a scenario could evolve.” She said that during the exercise, they brought the different executives in real-time, briefing them and having them make decisions with constant scenario changes.
“It was those practical questions at the executive level that made them pause, reaffirming that idea of the operational mindset — they need to make sure that everyone understands how things work and how to recover; it’s not about a tool. It’s not about a magic widget. It’s about how you run your day-to-day business and make sure you’re steeped in how it works so that you can make appropriate decisions at the moment if problems arise,” Ryan says.
Trushinski and Ryan further explain the right capabilities an organization needs to have to detect and respond to breaches to minimize risks, be resilient to an attack, and prevent more in the future. “Proper vulnerability management and prioritization is a huge component of being resilient,” says Trushinski, while Ryan stresses the importance of engaging c-suite decision-makers.
Both executives discuss best practices in developing a proactive incident response management plan. Watch the interview to learn more about how public sector and critical infrastructure leaders can better detect and respond to cyber threats.
Learn more about optimizing security operations. This video panel discussion was produced by Scoop News Group and CyberScoop and underwritten by Arctic Wolf Networks.