In the war against malicious cyber activity, it’s time for security vendors to step in – and it’s not how you might think. CISA Director Jen Easterly put it right at this year’s Black Hat conference: “We got ourselves into this; we have to get ourselves out.”
Geopolitical tensions are rising worldwide, attacks are becoming increasingly sophisticated, and nation-state threats on US organizations and critical infrastructure are at an all-time high. As we prepare to enter another year of aggressive cybersecurity threats and reflect on some of the most significant attacks this year, bolstering defenses from a technical standpoint is undoubtedly needed.
However, cyber leaders must also look inward at how they can fulfill their responsibilities to protect the greater good – which means focusing on doing good. While this task may sound simple, a “good cyber leader” recognizes that when it comes to their daily operations, livelihoods are at stake, and the best course of action is nurturing a human-first mindset. This approach helps cyber leaders become trustworthy examples who can make a real impact.
Private security leaders must ensure their cyber pros feel equipped in their roles amid the burnout, stress, and fatigue exacerbated by today’s threats, and they have to do their part to educate non-technical employees and the public on the consequences of successful attacks and how to protect themselves.
Your responsibility to your cyber teams
A good cyber leader leads by example and with intention. Whether it’s a large enterprise or a small business, bolstering proactive defenses is critical to everyday functions. They should consistently evaluate their tech infrastructure and ensure they’re helping, not hindering, the productivity and efficiency of their teams.
While “solution fatigue” brought on by the vast array of cyber technologies on the market is real, embracing innovation is critical. Cyber leaders must consider innovations that fit their organization’s needs and lessen the burden on teams. Businesses become more effective when security teams have the tools and education they need to feel productive.
Companies should prioritize strategies and solutions that will help their security teams the most. Key considerations that promote alignment reduce complexity, and thwart threats include:
- Expanding visibility: Ensuring solutions provide proactive threat hunting and detection across endpoints and all areas of the network. After all, you can’t secure or manage what you can’t see.
- Making attack strategies economically unviable: The profit margin for attackers is too high as tactics like ransomware continue to be lucrative for criminals. Leaders must limit the financial benefit of a successful attack by prioritizing basic cyber hygiene like identity management, as stolen identities and credentials are one of the most accessible avenues for attackers to use to gain access to an organization.
- Improving resiliency plans: Simulating an attack and determining what it would take to keep the organization operating in the event of an incident is an invaluable practice. Doing so enables leaders to identify areas of improvement and apply those lessons learned to incident prevention and response plans.
- Thinking like an attacker: Understanding the various methods and motives of attackers is essential for staying ahead of them. Awareness of industry trends can help leaders better educate security teams on proactive hunting for threats across the network.
- Always looking ahead: Every leader knows the importance of long-term planning. It’s critical to understand how new technologies, legislation, or world events will make an impact five to ten years out, then strategize from that future-looking perspective.
Your responsibility to your non-technical employees
Across departments, creating a culture of learning and collaboration is invaluable. True cyber preparedness means establishing better cyber hygiene for all employees. To get there, making cybersecurity a core business strategy and involving all employees in cyber risk management can help improve decision-making and response in the event of an incident.
Leadership involvement is also necessary to align strategies, meet regulatory requirements, and ensure business continuity. Focusing on training and education on the latest threats to be aware of – such as AI-enhanced phishing attacks – and providing opportunities for upskilling can help leaders cultivate a more secure workforce.
Good cyber leaders plan for both the long- and short-term. They must ensure they have response plans in place should an incident occur, and everyone from the C-suite and board to IT, security, and other teams across the organization are aware of their own role in upholding cybersecurity protocols.
Your responsibility to the public
Every cyber leader knows they’re responsible for understanding the threat landscape and staying current on the latest incidents and trends for effective risk management. But they also have a responsibility to people.
In response to today’s threats, cyber pros are joining the stage as “do-gooders,” from defending their most sensitive data in the enterprise to protecting the public from fallout on critical infrastructure attacks. Attackers – especially nation-state actors – wat to destabilize citizens’ trust in its security. For example, they’re increasingly using tactics like ransomware as part of their arsenal.
A recent report found that in 2023 alone, US organizations experienced the highest number of ransomware incidents and paid the largest ransoms at about $2 million more than the global average. Moreover, 95% of security and IT leaders surveyed reported at least one ransomware incident in the past year. Major attacks like ransomware can significantly impact people, including those who work with impacted brands or have compromised their personal information.
Cyber leaders play a pivotal role in educating the public about the types of cyber threats, potential outcomes, and how to protect themselves. Promoting cyber awareness across the public can be something as small as sharing tips and best practices on mediums like social media, podcasts, and written content.
It can also mean participating in industry discussions with other leaders or helping those interested in the field get a foot in the door. As a business leader, it can also mean developing products that will consistently protect the average person, even if they may not acknowledge it in their day-to-day lives.
Cybersecurity is a group effort
Cyber leaders have the agency to change the world and ensure everyone is safe, from employees and customers to partners and the public. They understand how critical their role is, that it’s not “just a job,” and that there’s a level of shared responsibility to consider the people who can be affected by the windfall of cyberattacks. We can safely assume that as we enter 2025, cyber threats will worsen, especially with AI continuing to play a role in attack sophistication and spreading misinformation.
Doing the best work possible to keep people, infrastructure, and data safe means leaning into a human-first mindset and leading with empathy. While leaders play a critical role in managing these risks, they should also feel empowered to spread their knowledge across their company and the public. The result is a more educated population on the increasing risks and how to protect themselves best.