The average tenure of a modern CISO is 24-48 months [i] [ii]. 24-48 months to take on perhaps the most critical role in any organization’s security organization. After all, what is a CISO if not a leader and visionary defining and executing against a strategy that takes into consideration every aspect of an organization’s risk posture to and including its real-time attack surface and state of compromise. Historically, the Chief Information Security Officer (CISO), was a narrowly defined role however, that is no longer the case [iii]. CISOs often take ownership of duties and responsibilities traditionally associated with peers such as Chief Security Officers (CSO) and Vice Presidents of Security. In doing so this indicates not only an evolution in terms of role, responsibility, and scope but also in terms of oversight and responsibility within the organization itself [iv]. The CISO is critical to the success or failure of an organization’s cybersecurity program without question. It is an incredibly important role and, at times a demanding one. I am not a CISO. I have never been a CISO however, I have acted as a virtual CISO, and advised many CISOs through the years. My respect and admiration for the CISO and those who aspire to be one is immense. It’s not a role for the faint of heart. It has its challenges. For example, most CISOs today are not members of the board of directors (BoD). According to a recent survey conducted in 2018, approximately 26% of all CISOs surveyed were members of their respective BoD and only 25% of those surveys believed that they ought to be [v]. Furthermore, in other reports, CISOs believe they are in direct competition for funding with other business and IT initiatives for funding [vi] making things more challenging and many reports that due to the increased stress associated with their roles, they are suffering from moderate to high degrees of stress [vii].
Aside from the traditional stresses associated with the leadership of people and teams within any organization where budgets are not unlimited and competing imperatives are more often than not realities, there are of course some very unique things that can and do influence the degree of difficulty associated with being a CISO in the era of the modern breach and compromise. There are several well-known cases where CISOs were relieved of their duties due to the organization they supported being breached resulting in a compromise by adversaries [viii]. For the CISO, the reality of the net effect of a breach and compromise to brand reputation, shareholder confidence, market value, and livelihood are well known and understood.
But what if there were a way to level the playing field, or perhaps better yet, see the CISO and his peers given an unfair advantage that would enable and empower their teams to act in a proactive stance to address real, and present threats within their environments that their currently deployed cybersecurity point products and suites were simply incapable of detecting or identifying or worse yet, unable to eradicate throughout the organization?
Here at Prevailion our mission is to provide the tactical and strategic advantage that organizations and their leaders need to defend and mitigate against the threats posed by adversaries within their environments, and within the environments of the organizations, they conduct business with.
We believe that through the development and application of advanced tooling and tradecraft and, we can achieve our vision of a world that does not live in fear of cyber-attack and compromise. A world where CISOs possess real-time awareness of their organization’s state of compromise – driven by Evidence of Compromise and Compromise Intelligence, in addition to the state of their most trusted partners, vendors, and suppliers. In delivering this type of capability into the hands of the CISO, their programmatic and operational initiatives will see improvement while the efficacy and efficiency of their compensating controls and operational teams will mature dramatically.
The APEX Platform enables key stakeholders – CISOs, their peers, and teams, to make informed, confident decisions concerning their state of compromise and that of their partners and vendors in near-real-time. This capability places a previously unrealized power and advantage squarely in the realm of the informed CISO allowing them to execute in a manner that increases their credibility and stock – along with that of their program and organization within the organization and beyond. Today, CISO’s can receive a free account and credentials for the Prevailion APEX Platform that will enable them to inspect what they expect from their cybersecurity program, teams, and the vendors they trust to secure and protect them at no cost.
Whether you are a tenured CISO with a mature program or a relatively new one with challenges to address, the value presented in the form of external visibility provided by the APEX Platform can and will help you assess, monitor, and course-correct any deficiencies in your organizational risk posture.
At Prevailion our mission is clear. Our intent is pure. Our goals for cybersecurity defenders, like our hero the CISO, attainable. And we will prevail.
Karim Hijazi, who served as the director of intelligence of the cybersecurity firm Mandiant and now serves as CEO of the security firm Prevailion, said the hackers will likely have “gone to ground” at this point.
While threat actors like Cozy Bear and Fancy Bear get a lot of attention, there is another While threat actors like Cozy Bear and Fancy Bear get a lot of attention, there is another sophisticated crime actor that companies need to be watching out for.The group is called TA505 and it is believed to be […]
“This was the most pristine espionage effort, unlike anything we’ve seen in a very long time,” said Karim Hijazi, a former intelligence community contractor. “Everyone in the cybersecurity community is freaking out, because we don’t know where this could stop.”