Buying time with automated defense strategies, mitigating staff/skills shortages and five other measures are key to preserving CISO sanity!

Is your organization’s losing its CISO or cybersecurity peers? Are incumbents for replacing the CISO not forthcoming due to the sheer stress known to be exerted on this role in the post-COVID era?

With more CISOs “tapping out” in search of sanity and relief, organizations and critical infrastructures are being put at greater risk — implicating the safety of the wider population — because large amounts of personal data are now stored online.   

As Christopher Chai, Solution Director (APJC), Hackuity, puts it to CybersecAsia.net: “In our experience, firms that suffer multiple cyberattacks (probably) still have a large portion of their cybersecurity work done in a very manual and tedious fashion, which includes assessment, prioritization, notification, remediation and so on.”

Find out what he suggests for CISOs and organizations to seize upon, in order to stay secure and resilient amid raging and insidious cyber warfare …

CybersecAsia: How is the tech talent shortage contributing to CISO burnout? Are CISOs in the region facing unique challenges compared to those in the West?

CybersecAsia: How can firms in the region mitigate these trends, and in your experience, where did those that suffered multiple cyberattacks go wrong in their strategy?

CC: Firms in the region can mitigate such challenges by exercising robust and intelligent cyber hygiene and automating tasks that go beyond human processing capabilities.

In our experience, firms that suffered multiple cyberattacks still have a large portion of their cybersecurity work done in a very manual and tedious fashion, which includes assessment, prioritization, notification, remediation and so on.

The overwhelming routine tasks would swamp the cybersecurity team’s time and resources before they can look into processes and strengthen their cybersecurity perimeters to prevent similar cyberattacks in the future. 

CybersecAsia: While our readers are well aware of the need to find and fix vulnerabilities before cyber incidents can occur, the growth and sophistication of attackers seems to be outpacing vulnerability management worldwide. What can be done to bridge this widening gap?

Continually expanding digitalization and utilizing intelligent solutions that are capable of aggregating and analyzing data from dozens of siloed security tools are two keys to bridging the widening gap.

By consolidating everything under a single pane of glass rather than having a fractured view from different tools, organizations can also easily automate various processes by prioritizing tasks that need to be worked on immediately; and the cybersecurity team can optimize their team and effort on patching the truly critical vulnerabilities, while the CISOs are relieved of these tasks to focus on strategic cybersecurity posture management. 

CybersecAsia: The APAC region is known to be a top target for cybercriminals, so CISOs here are already on high alert. Automation, AI/ML solutions are already available to cushion that impact. Do you have any further objective advice to help CISOs here to do more with less?

CC: While automation and AI/ML solutions are definitely very useful to cushion the impact, an organization’s cybersecurity posture is only as good as its weakest link in which practicing good cybersecurity hygiene could have prevented 80%.

Coupled with automation and AI/ML solutions, that is the best way to help CISOs to do more with less.

CybersecAsia thanks Christopher for sharing his insights.