How to Troubleshoot Apps for the Modern Connected Worker
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
1. Round Table : Emerging New Threats And Top
CISO Priorities In 2022
2. Which Are The Biggest Threats Or Security Challenges
You Are Facing Today
● Single dashboard for enterprise security visibility, security awareness and right set of tool availability is
missing
● Expansion of threat landscape
● Technology growth – IoT, AI/ML adds in unseen vulnerabilities
● Workforce inventory is a rising challenge
● Safeguarding critical data
● Supplier dependencies
● Supplier security is weak
● As the technology grows, vulnerabilities increase – it is hard to keep up
● Retaining security resources like talent
● In security industry competency levels are a big challenge
● Perimeter security with ambiguous borders with time
3. Which Are The Biggest Threats Or Security Challenges
You Are Facing Today
● Increase in ransomware attacks
● Data availability post incidents
● Security maturity model not in place
● Response levels from Government side is poor
● No regular patch updates and system upgrades in place
● Need to focus on incident response levels
● Insider threats
● Log4J and DevSecOps challenges
● BYOD
● Central visibility is missing
● Phishing attacks
● Bridgeline between DevOps and security is weak
● Implementing multiple tools and being unable to understand the cumulative output
4. Which Are The Biggest Threats Or Security Challenges
You Are Facing Today
• IoT Threats - New medical devices are introduced and integrated (IoT)
• Security contractual obligations are strong in RFI & SOWs
• Cybersecurity Insurance need has increased
• Threat Intelligence
• Automating access controls. Adapting to PAM, MFA
• API Integration
5. How To Secure A Complex Hybrid Environment (Cloud,
End Point, Data, Mobile etc) Against New Age Threats
● Boundariless access and operating from an open environment
● Upgrading old legacy systems
● Governing the existing policies and processes
● BackUps are vulnerable
● Lockbit, REViL
● Informed decisions
● Leveraging to existing security platform and align to industry best practices
● Secure perimeter, assets, devices and data
● Delivery assurance from 3rd party side to assure secured deliverables
● Visibility of the network is minimal
● Auto deploy using the tool
6. How To Secure A Complex Hybrid Environment (Cloud,
End Point, Data, Mobile etc) Against New Age Threats
● Identification of unknown assets
● Increase in attack surface visibility
● Frequent Red and Blue Teaming exercises
● Taking ownership rolewise
● Understanding the current threat landscape is important
● Risk mitigation need to be fast and quick decision making
7. What Are The Top Priorities You Have In The Next 12
Months
● Investing in the right set of tools enabled within the network
● VDI based solutions
● Hardening
● Native DLP
● Investing in insurance
● Honey pot solutions
● Focus on vendor security and readiness evaluation before investing in partner
● Investing in training and security awareness frequently
● Focus on the exit process
● Automate PIM/PAM solutions
8. What Are The Top Priorities You Have In The Next 12
Months
● EDR/MDR/XDR (Detection and Response)
● Micro segmentation and Zero Trust
● SASE
● Workload protection
● Runtime protection
● Container security
● Endpoint security
● Attack surface management
● Automated RED teaming
9. What Are The Top Priorities You Have In The Next 12
Months
● Automation
● Passwordless solutions
● Network, DNS security
● Revamp EMR (Electronic Media Reporting)
● Investing in DevSecOps
● Open-source tools usage