We’re excited to share that CyberProof’s recent virtual event, The Smarter SOC Summit, was a huge success – bringing together top cyber security professionals from around the globe to focus on developing smarter SOC operations and mitigating cyber risk, particularly in the uncertain era of COVID-19.
The day’s sessions touched on issues of cyber thought leadership and included success stories shared by some of our valued customers – and ended off with a mind-blowing presentation by Master Mentalist, Lior Suchard.
Keynote: Reality Check on Global Security
The keynote address by Tamir Pardo, former Director of the Mossad and currently President of XM Cyber – explored some of the underlying trends in today’s uncertain times. Tamir touched on some of these key topics:
- On customer data: “Companies need to understand that it is their obligation to secure their people and data themselves – this is not the obligation of the State. They think that, because cyber is being used as a weapon by the State, the State has the obligation to protect them – but this will never happen. Cyber security is the responsibility of the CEO of every company.”
- On leadership: “In the Fifties, President Eisenhower understood that once the Russians obtained nuclear capabilities – if something wasn’t done to stop the nuclear race, the planet would not survive. He created the first treaty to stop the nuclear race. Now, another movement needs to evolve to develop treaties, regulations, and understanding of the threats of cyber security. If leaders would do this, countries would accept it… but leaders today are doing nothing, unfortunately. They use cyber for their own benefit, but they are taking a great risk – the risk of instability and bloodshed.”
- On democracy: “Cyber is becoming a threat to democracy… By using it for political ends, you can convince people to choose between one nominee for President or Prime Minister over another without being aware of the manipulation… Could a weaker party use cyber to steal an election? This is already a distinct possibility; if the margin between candidates is narrow, it is certainly possible.”
Modernizing & Scaling Your Security in the Cloud, for the Cloud
Our second session was a fireside chat with Ann Johnson, Corporate Vice President at Microsoft, together with CyberProof’s President, Yuval Wollman. Ann provided insight about Modernizing and Scaling Security in the Cloud, for the Cloud. Here were some of her top take-aways:
- On automation: “You have to reduce time to detection – and that can only be fully achieved through machine learning and automation. You want to automate as many tasks as you can and save your expert human analysts for the more complex tasks.”
- On cloud transformation: “Going to the cloud is a shared responsibility. Microsoft will provide confidential computing, containerization, etc. – but the customer needs to bring quality and controls around data. MSSP partners like CyberProof can provide the necessary support to do this.”
- On COVID-19: “Companies that had adopted zero-trust architecture with a split-tunnel VPN were most successful at getting their employees to a place of productivity.”
- On data hygiene: “Response teams will tell that you that 80-90% of breaches still happen because of bad cyber practices. Fixing that starts with inventory control, limiting administrative rights, eliminating insecure domain servers, implementing MFA. You have to do all of the fundamentals first.”
Collaborating with the Right Skills at the Right Time – Adopting a Hybrid Engagement Model
Our chat with Ann was followed by three break-out sessions. In the first, Doug Saylor, Director of ISG, together with Tony Velleca, CyberProof’s CEO, discussed the topic of Collaborating with the Right Skills at the Right Time, Adopting a Hybrid Engagement Model.
In this session, Doug and Tony talked about what a risk-driven approach to vulnerability management really means. Some of Doug’s insights included:
- On outsourcing security: “We think there’s real capability that you get from an outsourced provider. There is a view that you can do it better in-house, but what we’re seeing in the market is that it’s getting increasingly harder to find people with L2 and L3 security skills.”
- On the traditional approaches to outsourcing: “Providers were SLA-driven rather than KPI-driven. They need to focus on business outcomes, on ways to mitigate reputational damage, and on constantly improving security posture over time.”
Tony discussed the characteristics of an effective MSSP and detailed CyberProof’s belief in looking at cyber security through the lens of business risk, explaining, “It’s an agile approach. It relates to how we are improving our detection capabilities and response time, and these become the KPIs – measuring how we have reduced risk against a certain loss event for our customers.”
Continuously Identify Threat Detection Gaps and Optimize Response Actions
In one of the parallel break-out sessions CyberProof’s Bruce Roton, VP/Global Head of Security Strategy at CyberProof, together with Ben Chant, Product Marketing Manager at CyberProof, explored how to Continuously Identify Threat Detection Gaps and Optimize Response Actions. Some of Bruce’s main points included:
- On communicating with the C-suite: “Even with all the money that we spend on these point solutions, security professionals really struggle to answer some very fundamental questions from the executive management…. Are we reducing our risk, based on the money we've spent? Did we do the right things?”
- On point solutions: “There's a strong momentum towards simply buying more solutions – and I say, slow down for a bit and consider what you're actually trying to accomplish and how those pieces are going to fit together.”
Visibility into the Vulnerabilities that Matter
Sinu Peter, CyberProof’s EMEA Principal Security Architect, led the third break-out session together with Sean Keef, North American Technical Director for our partner Skybox Security, on the topic of Visibility into the Vulnerabilities that Matter. Some of Sean’s insights included:
- On infrastructure: “Infrastructure sprawl is a huge problem that a lot of organizations are dealing with. A couple of years ago, a typical CISO was responsible for a network with a couple of buildings, computers and applications that the company owned – everything was inside the buildings and easy to control. Now it’s often a crazy mess out there with multiple public clouds, shadow IT, SaaS platforms, private clouds internally, SDN.... The environment that you're supposed to protect now is so much more fragmented and difficult to get your arms around.”
- On attackers: “It’s organized crime, it’s nation states, it’s very well-funded – organized criminals that are doing this for the purpose of making money. We’ve got to understand the attackers and the level of resources that they are bringing to bear to make an attack happen.”
- On detection & protection: “Analysts for the last couple of years have been telling us that you need to assume that the bad guy is in your network. Focus on detection. Focus on incident response. We’ve seen spend on prevention decrease and a lot of focus going into the SOC. Then you go and talk to the SOC managers and find out that they are completely overwhelmed by the number of incidents… We need a more balanced approach where prevention and the SOC are working hand in hand.”
“Hacking” the Minds of CISOs
In our closing session, Understanding the Psychology of the Defenders, internationally renowned master mentalist Lior Suchard ended off the event and wowed the audience by hacking into the minds of our participants – despite the interaction being over Zoom! – while CISO panelists explored some of the top challenges they encounter in the industry today.
CyberProof’s Head of Global Sales, Adrian Bisaz, led a panel discussion in which we were honored to be joined by Dave Row, Head of Security Operations and Engineering at Ferguson, and Samantha Rule, Head of Information and Cyber Security at Ninety One.
In their discussion, Dave and Samantha explored how organizations can align their processes and technologies when adopting an outsourced SOC model. They discussed some of the challenges inherent to bringing experienced cyber professionals on board, and highlighted the advantages of working with an outsourced provider that reliably helps them scale operations and bridge knowledge gaps.