Page 35 - Cyber Defense eMagazine October 2023
P. 35
plan. Finally, companies must commit to timely and clear communications across all technical and
business stakeholders (including finance, legal, and the executive team).
Powerful new tools can simplify this process. For example, by having existing security applications feed
their logs directly into cloud-native solutions, security pros can quickly determine the severity and scope
of potential incidents.
Analytics and dashboarding solutions can also be used to provide reporting and automated notifications
to help analysts understand the scope of detected threats and provide their organization with the
information required to determine the materiality of the cybersecurity incident.
Preparing For Uncertainty
One of the biggest challenges companies now face is anticipating how the SEC regulations will play out
in practice. For example, how to determine whether a potential breach is an actual incident? When does
it meet the SEC reporting threshold? Running afoul of the new rules could have a material impact on the
entire organization.
Due to this additional scrutiny on security breaches, we will also continue to see an evolution of the CISO
or top security leader role. It will become increasingly important for CISOs to have a seat at the board
table to help guide organizations’ risk management processes and incident response. Public companies
will also seek out security-minded board members with cross-functional business experience to be the
most impactful.
Luckily, companies with a robust infrastructure and security-focused culture throughout the organization
that prioritize best practices, staff training, and AI-enabled logging and reporting capabilities should be
well-positioned to weather the storm.
About the Author
As Sumo Logic's CSO and SVP of IT, George Gerchow brings over 20 years of
information technology and systems management expertise to the application of
IT processes and disciplines. His background includes the security, compliance,
and cloud computing disciplines. Mr. Gerchow has years of practical experience
in building agile security, compliance and, IT teams in rapid development
organizations. He is a Faculty Member for IANS - Institute of Applied Network
Security and sits on several industry advisory boards. Mr. Gerchow is also a
known philanthropist and Founder of a nonprofit corporation, XFoundation.
George can be reached online at LinkedIn and at our company website
https://www.sumologic.com/
Cyber Defense eMagazine – October 2023 Edition 35
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.