A previous post showed that long-term cybersecurity requires we look beyond just today’s biggest threats for a better understanding of tomorrow’s emerging crises. We talked about how some challenges — including those around scale, encryption and shifting targets valued by threat actors — are destined to get worse over time.
That means responsible cybersecurity pros can’t afford to turn a blind eye today and do nothing. That’s why this post is designed to help you put the long view on cybersecurity into practice — with a few priorities to consider as you chart the organizational steps to fortify your defenses against tomorrow’s threats.
Evolve Your Threat Sharing — The concept of threat sharing is not new, and many companies participate in some form of collective defense. Unfortunately, the insights are not always in real time, and they may be derived from previous threat analyses and assumptions; this leaves organizations vulnerable. Not all threat sharing is equal, and companies need to avoid a check-the-box mentality that can create a false sense of security.
Evolve the view of threat sharing into one that’s much more focused on visibility and analysis of network traffic. Build or provision architectures with the power to do real-time analysis at scale, and share those insights with the right collective defense community. Fortunately, IronNet’s own work in this space with IronDome, which builds upon industry threat sharing communities like the ISACs, is getting us there.
Mature Your AI/ML Capabilities — As with threat sharing, not all Artificial Intelligence and Machine Learning tools are alike. AI/ML can help with the challenges around scale that we flagged in a previous post, but the power of these systems depends on how they were designed, and what they’re designed to do.
In other words, it’s one thing to have AI to help manage big labeled data sets, like translating language, or use ML to learn and predict the fuel pump failure rate in a locomotive engine. But it’s another thing altogether to use AI/ML in cybersecurity — where you’re looking for patterns you’ve never seen before. IronNet’s own capabilities are designed for this, and all organizations need to ensure their AI/ML investments will meet the needs of actual cyber operations. A recent IronNet survey confirmed that there is still a level of maturation needed for these types of solutions.
Build the Right Cybersecurity Workforce — We already have a cybersecurity workforce gap that’s closing in on 3 million in the U.S. alone. That means we should strengthen the embrace of educational and industry efforts to bring more people to the field. Every organization can do something to nurture the talent pipeline, from sharing best practices and academic collaborations, to intern placement and recruiting.
Throughout, we need to focus not just on the number, but also the skills, of people who make up the cybersecurity field. For instance, in a world where encryption is making signature-based tools obsolete, tomorrow’s SOC analyst will need to know how to analyze TLS-encrypted network traffic, research clues from initial setup sessions or comb through credentials and certificate chains. Top technical and sleuthing skills are increasingly critical to success.
Ultimately, effective cybersecurity is about anticipating threats. The farther ahead we can see on the evolving digital landscape, the better we can protect our organizations and society.