SecurityTechTalk

Cybersecurity Transformations
Chat with AT&T Business cybersecurity experts on important industry changes.
Dez Blanchfield
Q1: What differentiates a good from a bad cybersecurity program? @ATTCyber #RSAC #SecurityTechTalk https://www.crowdchat.net/s/05sjw

Dez Blanchfield
The most effective Security programmes are usually those which have full top down enterprise wide endorsement rather than being siloed per department / business unit @ATTCyber #RSAC #SecurityTechTalk #ATTInfluencer
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
Yes Dez....you need support of your leadership ...
Dez Blanchfield
@MusicComposer1 - yes indeed.. what examples have you seen that work best in today's challenging fast paced world?
Evan Kirstel
A1 good programs remember that humans are often the weakest link; a simple human error can result in an astronomical problem! #attinfluencer
Kate Brew
A good Cybersecurity program includes the right personnel, processes and technology. A bad one is missing one or more of these :)
✨Sarah Groves✨
A good #cybersecurity program prevents, detects and responds to #Cyber threats giving you the peace of mind so you can focus on the rest of your business! A bad one is one without a set plan. @ATTBusiness @ATTCyber #RSAC #SecurityTechTalk #ATTemployee
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
It's best to focus your efforts and start with the most common types of risks....data breach is No.1 @alcgroup #CyberSecurity
Bob E. Hayes
I see how this works now.... I think a good security program is one that learns over time (ala #machinelearning) regarding the threats.
Javvad Malik v2.0
One that aligns to the actual business objectives and goals. There are many good ways to run a cybersecurity program, but not all of them will be right for your org, your threat model, and your assets. #SecurityTechTalk
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
And phishing is a huge attack vector...so carry out regular simulations....once a month...#CyberSecurity @alcgroup
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
Another important aspect of security is being ready to respond to incidents. You're going to have a data breach so make sure you practice your response...#CyberSecurity @alcgroup
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
@evankirstel They are Evan...so training your people and reinforcing the learning is key #CyberSecurity @alcgroup
Javvad Malik v2.0
@MusicComposer1 Definitely agree with this. Many boards are getting wise to the fact that a breach may happen, most don't like surprises, or not having a response plan.
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
@bobehayes Yes...attackers are using AI, so we must use the AI techniques in software to detect attacks. Static firewalls are less effective...we need AI threat management...as in @Office365...#CyberSecurity @alcgroup
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
@J4vv4D You have to accept that you're going to have a data breach....so just like an emergency response first responder...learn your #CyberSecurity first aid.....@alcgroup
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
@Kevin_Jackson Machine Learning is just another practice subset of AI focused mathematical algorithms...Deep Learning is another practice where we mimic how the brain works with neural networks...both are key to #CyberSecurity protections...@alcgroup
Bob E. Hayes
@Kevin_Jackson - #MachineLearning is a subset of AI... look at the security problems (in the form of data - the criteria) to identify the causes of those problems (the predictors). If you know what predicts security problems, you're better able to manage them.
Dez Blanchfield
@bobehayes - such a great point, how should we start this conversation - board room level or team / group level? @ATTCyber #RSAC #SecurityTechTalk #ATTInfluencer
Javvad Malik v2.0
@bobehayes Great point. Do you think many companies have the relevant data in a ML-friendly form? I guess I'm wondering if many are ready especially when so much is run on spreadsheets and held together by bubblegum. #securitytechtalk @Attcyber #RSAC
Bob E. Hayes
@J4vv4D Good question. I doubt their data are ML ready... but deep insights take time and energy. This is a good reason why management/executives need to budget for security.
Dez Blanchfield
Q3: How do you think organizations should measure cybersecurity effectiveness? @ATTCyber #RSAC #SecurityTechTalk
https://www.crowdchat.net/s/25sku

Kate Brew
I think this is an area where metrics are tricky. Simply giving metrics on particular attacks detected is not the best
Evan Kirstel
A3 starting with the right key performance indicators (KPIs) and key risk indicators (KRIs)! #ATTInfluencer #ATTCyber #RSAC
Javvad Malik v2.0
Step 1. Ditch vanity metrics to measure. Counting something like number of blocked spam is like saying how many raindrops your umbrella kept off you. Focus on outcomes and measure towards those goals. #SecurityTechTalk
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
Many ways....but most importantly...baseline before and after your security program...phishing is a great example...run a simulation..baseline results...train users...then run a simulation again and see the improvements...#CyberSecurity @alcgroup
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
You can't manage what you can't measure....I think that's from Peter Drucker....#CyberSecurity @alcgroup
✨Sarah Groves✨
An idea is to make a checklist of security controls and count, for each control, if you can articulate its value. In the @ATTBusiness #Cybersecurity report you can see more! https://www.business.att.com/learn/cybersecurity-r...
@ATTCyber #RSAC #SecurityTechTalk #ATTEmployee
https://www.business.att.com/learn/cybersecurity-report-volume-8.html
AT&T Cybersecurity Insights Report Vol. 8: Don’t Invest More in Cybersecurity. Invest Smarter.
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
There are some great tools...to help you determine what you should measure...and you may not get the measures right first time...so don't be afraid to pivot...if it's not working....#CyberSecurity @alcgroup
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
Try prototyping some measures to see if they work...and then expand from there....#Agile #CyberSecurity @alcgroup
Bob E. Hayes
First, identify what your security problems are and get measures that track each type of problem. One measure is never enough.
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
@securitybrew I think that measuring the severity and type of attack is important...but as you say...certainly not the end. Detecting that you have been breached is problematic...the av company takes ~180 days to detect a breach...#CyberSecurity @alcgroup
Kate Brew
Right on Paul!!
Dez Blanchfield
Q6: What is the role for managed security service providers (MSSP) today? @ATTCyber #RSAC #SecurityTechTalk https://www.crowdchat.net/s/35smf

Kate Brew
I think it depends on the situation. In many situations #MSSP is the most effective way for organizations to handle business risks. Requires evaluation?
Evan Kirstel
Will play an important role in helping organizations cope with hiring challenges and meet regulatory/ compliance requirements #rsac #attinfluencer #attcyber
Javvad Malik v2.0
It's important to understand that not all MSSPs are created equal. Important to evaluate capabilities. But the right one can nicely become an extension to the security department, allowing the team to free up time and resources to focus on strategic objectives.
✨Sarah Groves✨
From our latest @ATTCyber report... the right MSSP can enable 3 critical capabilities. #cybersecurity
@ATTBusiness #RSAC #SecurityTechTalk #ATTEmployee https://www.crowdchat.net/s/85smn

Kate Brew
Hiring good Cybersecurity folks can be like looking for unicorns - tricky! So MSSP can make a lot of sense.
Bob E. Hayes
#MSSP steps in to help the company to... deal with data breaches, skills shortages and resource limitations. Think of them as a part of your data science team that ensures data are secure/safe.
Bob E. Hayes
@sstoesser Awesome list, Sarah.
Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
Partnering is critical in every area of the IT department....extending this to security makes perfect sense....partners can leverage their intellectual property and people....so you can focus on your business...#CyberSecurity @alcgroup
Dez Blanchfield
Q7: How should internal IT security collaborate with a MSSP? @ATTCyber #RSAC #SecurityTechTalk https://www.crowdchat.net/s/95smq

Kate Brew
I think introducing MSSP as a way to help, not a challenge to their skills and expertise is a huge help. Nobody likes a tattletale!
Bob E. Hayes
Ensure the internal IT team gets other biz stakeholders involved (execs, #datascience team members, data users) to get a comprehensive picture of how data are used and why.
✨Sarah Groves✨
Even when things are up and running, continue to fine-tune and upgrade the systems together. MSSPs help #cybersecurity teams stay confident!!
@ATTBusiness @ATTCyber #RSAC #SecurityTechTalk #ATTEmployee https://www.crowdchat.net/s/75sn5

Paul Colmer #DevOps 🎸☁️🛰️🚀🇦🇺
Collaboratively....treat them like they work for your company....like an employee....embed them in your agile release trains...you know your CI/CD pipeline...#DevOps #CyberSecurity @alcgroup
✨Sarah Groves✨
@bobehayes Yes! It's all about collaboration between teams.