Earlier this year, SafeBreach held its first-ever Validate Summit at Levi’s Stadium in Santa Clara, California. This in-person event brought together top cybersecurity leaders and innovators to discuss the changing requirements to build and optimize a proactive security organization.
David Spark is a veteran tech and cybersecurity journalist who has appeared in numerous media outlets. In another life, Spark worked as a touring stand-up comedian, a San Francisco tour guide, and comedy writer for The Second City in Chicago. He now gets to put his security expertise and stage presence to perfect use as producer and regular host of the CISO Series.
In this edition of Voices from Validate, we revisit David’s rousing Validate session that first got our audience of cybersecurity professionals up on their feet for a round of “networking pickup lines”—a fantastic ice-breaking and networking-skill-building activity—followed by an open-mic dialogue focused on finding answers to some of the toughest cybersecurity questions.
Is Your Organization Safe?
David began by posing a question to the Validate crowd: “How do you react to the news of a real-world attack?”
Big breaches are often front-page news these days, with executive stakeholders like CEOs and board members learning of them in real-time—right along with CISOs and their security teams. These business leaders quickly want to know if their organization is safe, and they won’t hesitate to immediately ask their appointed security leader.
And their urgency is typically warranted. Timing is critical in these circumstances, and the faster you can react and reduce exposure, the safer you are, and the happier your leadership team will be. Security professionals in the Validate audience responded with a range of actionable, pragmatic steps to follow in the wake of new attack headlines:
- Review your defenses and the attack methods used to understand how far the attackers would have gotten in your own environment
- Take note of what the victim organization did to respond—and compare that with your company’s own response plan
- Prepare a statement for your internal and external stakeholders about your team’s response
- Bring compelling data and facts to your C-suite to provide assurance that you’ve validated your controls and you are safe against this attack
Fortunately, the majority of our Validate audience also happened to be SafeBreach users. They know we uphold a 24-hour SLA on US-CERT and FBI Flash alerts, so they can confidently and quickly report that they’ve simulated the new attack safely with our breach and attack simulation (BAS) platform, identified their level of risk, and remediated any potential vulnerabilities. And with SafeBreach’s customizable reporting, the process of providing clear data to back this up is a breeze.
Is Your Security Team Satisfied?
David then shifted the conversation from attack response to another key factor in an organization’s security posture: the people making it possible. According to the “Voice of the SOC Analyst” report released by Tines, over 60% of SOC analysts plan to change jobs in the next year due to a range of factors including burnout, understaffing, and tedious tasks.
After presenting this alarming statistic, David candidly asked the SOC analysts in the room if any of them were exploring new opportunities themselves. “No comment,” one smartly replied. But the perspective they shared was illuminating.
The SOC analysts present all generally agreed there is too much to do and too little time, and the pressure of ever-increasing responsibilities, relentless noise, and false positives can be suffocating. One analyst expressed frustration with a pattern of having too much put on their plate, without being given any clear direction or effective tools to solve the problems at hand.
Next, David turned the tables and asked the CISOs in the room how they might remedy some of these SOC satisfaction issues. The veteran security leaders who chimed in provided some invaluable insights for organizations to consider. Here’s a summary of their top tips:
- Create opportunities for team members to express their needs and show progress on addressing them
- Provide more modern technology—like BAS and other automated tools—to help reduce their workload
- Engage team members with educational and career development opportunities, so they see a path forward within the organization
- Ensure leadership plays an active role in showing appreciation for SOC team efforts
One renowned CISO shared the viewpoint that a stressed SOC is a clear failure of leadership. He believes it’s up to him and his industry counterparts to foster motivation to keep the team engaged and to implement tools and processes to help them be more effective and efficient. Because, ultimately, people won’t stick around if they don’t feel they are providing value. To explore this topic in more depth, be sure to check out our blog on “Addressing Cyber Mental Health & the Great Resignation.”
David Spark’s session was a lively and interactive experience. He demonstrated the importance of seeking concrete answers to some of our toughest security questions. To learn more about how BAS can help keep your organization safe and your security team satisfied, contact SafeBreach today.
Wish you could have attended SafeBreach’s Validate summit? Well, our second-annual Validate summit is coming up in May of 2023 at The Star in Frisco—headquarters of the Dallas Cowboys. Registration will soon be open, but seats will be going fast, so be sure to save your spot early to join in on this exciting event and important conversation.