It’s close to midnight
Something evil’s lurking from the dark
Michael Jackson definitely had it right in his iconic Thriller, which no doubt will be played nonstop today. If the lyrics sound familiar to your day job, you may be a CISO or working in the SOC of a Fortune 500 focused on how to prevent and respond to cybersecurity incidents.
When thinking about the solid foundation needed to be a world-class SOC, coupled with the impeding challenges of finding experienced security personnel, and an influx of cybersecurity incidents and alerts, we can’t help but think about the persistence of hackers and the desire to avoid being hacked.
Phobia (noun): a persistent, [irrational] fear of a specific object, activity, or situation that leads to a compelling desire to avoid it.
In the spirit of Halloween, we decided to take a look at comparing cybersecurity incidents to real phobias. Where do the heebie-jeebies align?
Ophidiophobia – The Fear of Snakes
For those scared of snakes, Ireland is probably a preferred travel destination over Guam. Fear of snakes comes mostly from folklore but has also been linked to genetics. The fear stems from the fact that they are poisonous and known to kill almost 100,000 people a year. What cybersecurity incident do we think compares to ophidiophobia?
Attackers use many forms of harmful software, including that seen in the recent Petya attack, to monitor actions and keystrokes and steal critical data from computer systems and networks. There are so many methods hackers use to get users to install Malware to infiltrate your IT systems – just like there are so many versions of deadly snakes: King cobras, black mambas, or even the Belcher’s sea snake!
What can you do?
Fear of snakes could be genetic according to scientists, but malware isn’t. Set yourself up for success by keeping operating systems up to date, updating firewalls, and training your employees not to click or download from unknown sources. In the event of a malware breach, either from phishing, software downloads, or vulnerabilities in operating systems, have an incident response process predefined so you can appropriately detect, validate, and resolve incidents if/when a breach happens.
Improve your process for malware incident response by signing up for a Security Incident Response Workshop.
Galeophobia – The Fear of Sharks
You’re probably thinking we’re going to compare the fear of sharks to phishing. But guess what? Sharks aren’t sneaky little constant threats. They are big. Looming. They sneak attack. Have you seen Air Jaws?! The fear of sharks became more common after the popularity of the thriller Jaws (1975). The plot is centered around a rogue hunter: a shark that tasted and thus hungered for humans and kept to the territory until the food supply ran out – or the shark got blown up, as was the case.
Being scared of shark attacks, or suffering from galeophobia, is the same as fear of Rogue Software cybersecurity incidents. Hackers infiltrate with pop-up windows and alerts that look legitimate. Someone simply accepts their terms (you are in their ocean, after all) and that pesky malware is wreaking havoc in your IT infrastructure.
What can you do?
You can’t prevent the irrational fear of sharks, but the best way to prevent rogue software incidents is with a digital shark net, otherwise known as a firewall. Stay vigilant and aware, and automate response if your company does suffer from a rogue software incident.
Acrophobia – Fear of Heights
The fear of heights affects nearly 8% of the population, and avoiding heights isn’t always an option. This fear can hold you ransom; you can’t always avoid high places, which can lead to anxiety attacks. Limiting exposure is an option, like not visiting the Burj Khalifa in Dubai or staying far away from the rim of the Grand Canyon, but the fear of heights is most like… ransomware.
WannaCrypt was the biggest ransomware breach of 2017 [to date] and affected more than 230,000 computers in over 150 countries. This particular ransomware computer worm demanded Bitcoin ransom payments after it encrypted data on Microsoft Windows operating systems.
Want a NIST standards-based playbook for prescriptive guidance with automated processes? Read the blog post and view the WannaCrypt Triage playbook now.
What can you do?
Ransomware might feel out of your control like standing on the edge of a precipice, but don’t jump off the deep end. The ICIT Ransomware Report notes “the organization will have to react through remediation, surrender, or allowing the loss of the data.” Since embracing kidnapped data isn’t a real option for your organization, Resolve Systems wrote the Playbook on how to respond with containment, eradication, and recovery.
You don’t have an enterprise-wide incident response platform? The horror!
Don’t suffer from the fear of failure (otherwise known as Atychiphobia) and focus on how to prioritize cybersecurity alerts for your team to expedite resolution of incidents.
No matter the type of phobia you have as an integral part of finding, validating, and resolving cybersecurity breaches across the enterprise – whatever keeps you up at night – Resolve Systems has a solution for you. With an enterprise-wide security incident response platform, we have standards-based playbooks to accelerate incident diagnostics and triage with both human-guided and end-to-end automation.
Happy Halloween from Resolve Systems!
Security automation and orchestration can be the secret ingredient to an effective incident response program, but many teams overcomplicate it or feel overwhelmed by trying to automate every activity in the workflow.
When getting started with security automation and orchestration, think agile:
- Prioritize business drivers
- Identify key stakeholders and process owners
- Examine automation opportunities
- Define requirements with a workshop
- And more