Insights from a CISO Survival Guide

Insights from a CISO Survival Guide

This is the cost of progress: Connectedness is essential to keep customers, partners, and employees productive and highly satisfied, but it invites breach contagion that is sure to make everyone unhappy. That leaves CISOs walking a fine line between boom and backlash as they try to secure their organizations.

A new CISO Survival Guide sets out to uncover how modern enterprises should be secured given the uniquely evolving challenges of Identity management, data protection, software supply chain integrity, and ongoing cloud migration.

The report reflects the results of a robust qualitative and quantitative research investigation undertaken by four of the industry’s most active cybersecurity investors: Cisco Investments, Forgepoint Capital, NightDragon, and Team8.

One major focus of the report is around identity management, here are some of those key findings:

A pain point for CISOs is the lack of a unified platform across Identity Access Management (IAM), Identity and Administration Governance (IGA), and Privileged Access Management (PAM). They indicate that it is a desired future focus for technology startups.

Cloud Infrastructure Entitlement Management (CIEM) is on the medium-term roadmap. Many are actively leveraging their cloud security providers’ (CSPs) native offerings.

Startups need to “keep it real.” Rather than focusing on buzzy acronyms, an appreciation for stable, scalable architecture along with innovation on end user experience is needed to connect with CISOs still making the transition to hybrid and cloud infrastructure.

“Organizations need help finding their footing on the Identity path as the digital enterprise evolves,” the guide explains. “Finding hybrid compatible solutions, securing SaaS, and retooling legacy architectures to the pace of password-less platforms are just a few of the challenges they face.”

The report examines how startups are advancing innovation across the Identity and zero-trust landscape in areas such as:

Password-less and continuous access

Converging authentication/governance/privileged access

End-to-end multi-cloud Identity detection and response

Continuous SaaS-app security

Account takeover and session hijack prevention

Active and cloud directory security

Included in the guide are results from a specially commissioned IDG report featuring 100 IT security decision-makers from over 15 different industries. Among those findings:

85% of IT decision-makers prioritize IAM investments more highly than other security solutions.

Over one-third of respondents invested in Identity to cut security costs. The same number were motivated by the demands of an increasingly complex environment.

When asked which criteria their organization prioritized when selecting a modern, next-generation Identity platform, 21% of survey participants cited ease of integration.

Changing Identity was cited as the top (53%) reason companies failed to hit their IAM goals.

“As digital enterprises expand in scope and size, the challenge of securing all assets via the Identities that access them becomes an increasingly complex problem,” the guide notes. “Through discovering, supporting, and partnering with emerging technology startups in this space and sharing what is found, Cisco seeks proactive ways to always deliver on its promise: If it’s connected, it’s protected.”

Identity management is just one topic covered in the comprehensive report. For the full report, which extends to perspectives of CISOs, startup investors, and customers on topics around data and collaboration, software supply chain, and cloud security, please visit here.

SecurityRead More