Field Case: CISO Sleeps Better Knowing What’s Really Happening in his Security Environment

This article was originally posted by Haim Chibotero, Cyber Observer’s Director of Professional Services, on LinkedIn. You can also read it there.

Many large enterprise CISOs and IT security managers will count among their software tools a vulnerability manager to gain insights into where their security is weakest and assist in effective patching.  While the tool can be effective for revealing threats, it’s dependent on operational IT or sec-ops to manage and use effectively.  In most large enterprises, the relevant team uses the tool and reports problems and fixes to management.  Unfortunately, the process can still leave knowledge gaps that will keep senior managers up at night.

Similarly, enterprise CISOs often need to work with Risk & Compliance Officers to ensure enterprise IT and data security adheres to a standard framework.  While this is effective in ensuring legal compliance, using standard frameworks is a less effective way of actually knowing on the ground where your enterprise security issues are.

In March, Cyber Observer went to POC with a new financial services company in Portugal. The CISO had a solid working relationship with the CRO and the company had recently passed an IT Security audit with ease.  Despite that, the CISO was still working with excel sheets, stitching together various reports from his teams into an overall management document that he could use to report to the C-suite and Board – and still losing sleep over a sense that he lacked a comprehensive understanding of his network environment’s security. That’s when Cyber Observer came on board.

After our quick deployment, the CISO was shocked to discover that Cyber Observer had highlighted firewalls that had missed several patches, despite them being previously picked up by the vulnerability scanner and despite the team reporting that all firewalls had been patched.  The audit, already getting stale, had not been a help.

With Cyber Observer, the CISO had comprehensive visibility of his network environment in a single dashboard.  He could see where tasks had been incomplete, where gaps remained, and where he needed to prioritize in the coming months.  And after ensuring the missed firewalls had been patched, he could watch in Cyber Observer as his score improved, tracking his advanced posture.

Despite having risk compliance and effective teams, it took Cyber Observer to deliver confidence to the CISO that he was getting ‘out in front’ of security management, empowering him to get beyond a siloed understanding towards real environment-wide visibility in a single glance. Armed with comprehensive understanding of his enterprise’s security strengths and weaknesses, the CISO was immediately able to move to a more proactive posture and begin advancing maturity in a more deliberate way. And hopefully get more sleep at night.