Page 35 - Cyber Defense eMagazine October 2023
P. 35

plan.  Finally,  companies  must  commit  to  timely  and  clear  communications  across  all  technical  and
            business stakeholders (including finance, legal, and the executive team).

            Powerful new tools can simplify this process. For example, by having existing security applications feed
            their logs directly into cloud-native solutions, security pros can quickly determine the severity and scope
            of potential incidents.

            Analytics and dashboarding solutions can also be used to provide reporting and automated notifications
            to  help  analysts  understand  the  scope  of  detected  threats  and  provide  their  organization  with  the
            information required to determine the materiality of the cybersecurity incident.



            Preparing For Uncertainty


            One of the biggest challenges companies now face is anticipating how the SEC regulations will play out
            in practice. For example, how to determine whether a potential breach is an actual incident? When does
            it meet the SEC reporting threshold? Running afoul of the new rules could have a material impact on the
            entire organization.

            Due to this additional scrutiny on security breaches, we will also continue to see an evolution of the CISO
            or top security leader role. It will become increasingly important for CISOs to have a seat at the board
            table to help guide organizations’ risk management processes and incident response. Public companies
            will also seek out security-minded board members with cross-functional business experience to be the
            most impactful.

            Luckily, companies with a robust infrastructure and security-focused culture throughout the organization
            that prioritize best practices, staff training, and AI-enabled logging and reporting capabilities should be
            well-positioned to weather the storm.





            About the Author

            As Sumo Logic's CSO and SVP of IT, George Gerchow brings over 20 years of
            information technology and systems management expertise to the application of
            IT processes and disciplines. His background includes the security, compliance,
            and cloud computing disciplines. Mr. Gerchow has years of practical experience
            in  building  agile  security,  compliance  and,  IT  teams  in  rapid  development
            organizations. He is a Faculty Member for IANS  - Institute of Applied Network
            Security and sits on several industry advisory boards. Mr. Gerchow is also a
            known philanthropist and Founder of a nonprofit corporation, XFoundation.

            George  can  be  reached  online  at  LinkedIn  and  at  our  company  website
            https://www.sumologic.com/






            Cyber Defense eMagazine – October 2023 Edition                                                                                                                                                                                                          35
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   30   31   32   33   34   35   36   37   38   39   40