Public sector organizations play essential roles in making our society function; it’s incumbent upon them to develop more effective strategies to better detect and respond to cyberthreats by taking new approaches to security operations.
In a new CyberScoop interview, FirstBank CISO Brenden Smith and David Kruse, Tetra Defense’s Director of Insurance Alliances, share their insights on the contours of cybercrime within the larger cyberthreat landscape, methods for reducing exposure to cybercrimes and ways to improve cyber readiness and response.
“If you are going to be a victim of cybercrime, there is a good chance it’s going to be something like a ransomware attack. And that is going to be immediately felt, impactful and painful in many cases. Unfortunately, threat actors most often are compromising their companies via some external vulnerability that is able to be detected with some commodity vulnerability scanner. So, you can help reduce that exposure by using the same tools they use to detect you, to find whatever external vulnerabilities you might have, and get them patched before the threat actors are able to exploit them,” says Kruse.
As CISO of one the largest privately held banks in the U.S., Smith said they are focusing on attack surface management and the MITRE ATT&CK framework. “We’re using [the framework] to try and understand and better analyze the threats coming in from the real world. So, when we see attacks in the news or other things, we’re comparing what’s happening in those attacks against what’s happening in our particular environment. From there, we take that information, and we’re using deception systems to inform our ability to detect [bad actors].”
Smith also explained the best risk management controls, including insurance — and how the cyber insurance marketplace is also evolving in light of growing cybercrimes.
“If [organizations] are not staying on top of [external scanning] and identifying potential weak points before the underwriting team is, it’s going to increase the friction throughout the underwriting process. If they do not have a story to tell related to vulnerability management, multi-factor authentication, EDR tooling and backups — if they don’t have a strong story to tell in those four areas, they’re going to have a hard time getting coverage,” said Smith.
When looking ahead to other risk management areas executives need to consider when developing security strategies, Kruse said there is an “opportunity for organizations to expand the traditional concept of a tabletop exercise” and that “there’s an increasing opportunity to associate those with financial risk modeling.”
Learn more about guarding against cybercrime and developing more effective cybersecurity strategies with Arctic Wolf.
This video panel discussion was produced by Scoop News Group and CyberScoop and underwritten by Arctic Wolf Networks.