An organization’s cybersecurity team thrives on information. Sounds right, but how does one go about finding such information with technology changing daily?
One place might be the 2017 TAG Cyber Security Annual. Dr. Edward Amoroso, CEO of TAG Cyber, a cybersecurity consultancy, has created a massive information resource to help cybersecurity professionals–with the operative word being professionals. “This is not a work intended for non-practitioners, beginners, or casual industry observers,” states Amoroso. “This is written for the working cybersecurity practitioner, with the presumption that readers have experience, expertise, and knowledge of enterprise cybersecurity.”
Working cybersecurity practitioners, according to Amoroso, are people tasked with protecting their organizations from potentially damaging cyberattacks. In his security guide, Amoroso refers to these men and women as members of CISO (Chief Information Security Officer) teams.
What to focus on
To protect an organization’s digital realm, the CISO team, according to Amoroso, must focus on the following.
- Compliance: There is a need to pay attention to regulatory frameworks such as the Payment Card Industry Data Security Standard (PCI DSS) and ISO 27000.
- Technology: Since vendors are constantly offering new products and services, CISO teams must keep in touch with what is available.
- Innovation: CISO teams need to be on the lookout for groundbreaking strategies and technologies that are tailored to their company’s needs.
- Architecture: The shift away from traditional perimeters is ongoing; organizations need to focus on virtualization, mobility, and the cloud.
To accomplish the above, architecture in particular, Amoroso suggests that any perimeter-based infrastructure must be replaced with smaller, distributed micro-segments (Step 1 in Figure A). The newly formed segments should reside in virtualized cloud-based systems with advanced security protections (Step 2 in Figure A).
Finally, Amoroso says that all antiquated cybersecurity technologies should be replaced with more advanced systems (Step 3 in Figure A). Amoroso adds, “These three steps–exploding, offloading, and reloading–are required to stop the advanced cyber attacks being aimed at commercial and government systems.”
What’s included in the guide
Amoroso compiled three volumes of technical data, interviews with experts, and a compendium of active vendors. Let’s look at each one.
Volume 1 – Cybersecurity fifty controls (PDF): This volume provides technical and marketing analysis on the 50 major controls that a CISO team must address to combat cyberattacks. “The treatment in this report is unique in the sense that it weaves technical recommendations on common and familiar areas such as identity and access management with areas that typically receive less attention such as security recruiting and cyber insurance,” writes Amoroso. “The unifying theme, however, is their practical relevance to CISO teams trying to improve their defensive posture.”
Volume 2 – Cybersecurity luminary interviews (PDF): Amoroso conducted interviews with cybersecurity leaders. “Every single one of these individuals and their teams emphasized that their common mission is to support the CISO and enterprise security team,” writes Amoroso. “These unsung professionals toil day in and day out trying to keep our power working, our communications connected, our planes and trains running, and our food and water adequately stocked.”
Amoroso mentions that the interviews are organized alphabetically; however, they can be read in any order.
Volume 3 – Cybersecurity vendor listings (PDF): Amoroso compiled a listing of 1,337 active cybersecurity vendors who supply either products or services. The purpose of the list, according to Amoroso, is to create a comprehensive initial description of currently available commercial solution providers. With a tip of his hat to leetspeak, Amoroso mentions, “I stopped at 1337 vendors for a reason. (If you don’t know why, then you should hack a trip to Vegas next August.)”
This was not a small project; the three volumes add up to over 1,200 pages.
Amoroso ends with the following caveat: “The reader must expect a plethora of errors and inaccuracies, especially in Volume 3.” As to why, he explains that company information changes so quickly that it was impossible for him to keep up. He suggests that this should not take anything away from the guide’s usefulness. Amoroso also pledges to have a revised edition next year.
Note: The 2017 TAG Cyber Security Annual was sponsored by Arbor Networks, a division of NETSCOUT.