2023 #CISOPredicts: Niall Browne
Members of Silicon Valley CISO Investments (SVCI) offer their take on the challenges and trends that will shape 2023.
As Chief Information Security Officers (CISOs) across industries including tech, insurance, and retail, we have the benefit of sharing (and comparing) our perspectives on a variety of hot-button issues. As members of Silicon Valley CISO Investments (SVCI), we also get a front seat to the most recent cybersecurity innovations by advising and investing in the next generation of startups—and using our decades of expertise to help them thrive.
From where we sit in the C-suite, here’s our take on the trends and challenges that will shape 2023:
2023 will be the year for SOC (and secrets) transformation
The SOC is broken. Everyone in cybersecurity knows this—yet we repeat the same mistakes every year. SOC analysts are swamped daily with hundreds of spurious alerts that have little value. Most SOC tasks must be completed manually, turning highly skilled SOC analysts into manufacturing line drones. As a result, it can take the average SOC days, weeks, or even months to detect a critical incident, giving attackers crucial time to establish a beachhead and launch attacks deep within the compromised organization. All of this has left SOC analysts increasingly disheartened and leaving in droves for more fulfilling roles, further weakening the SOC and perpetuating the cycle of decay.
There is hope, however. Automation and orchestration, which have driven tech innovation in all other areas of the business, have begun to shine a light on the SOC. Modern SOCs are beginning to embrace this model, primarily using Machine Learning (ML) to find critical incidents quickly and orchestration to triage and close the vast majority of events automatically. SOC analysts then have the time to focus on the events that are critical to the business and can take a much-needed breather to plan. They can assume the role of guardians of the data rather than drones lost in alert chaos. Every other tech area has undergone a transformation; 2023 is the time for the SOC to transform and deliver.
Beyond SOC transformation, 2023 is the year to tackle the elephant in the room: Secrets. They’re everywhere, especially in code. Over the years, developers have acquired an annoying tendency to store unencrypted secrets in software code. There is nothing malicious in it; they do this because their software needs to integrate with hundreds of applications, infrastructure components, and third parties. Staff with access to the code, who can number in the hundreds if not thousands, have access to these secrets and, therefore, the keys to the kingdom. Unfortunately, hackers can also gain access to your code or scripts, which hands them a treasure trove of keys and allows them to open any door in the company to steal your most sensitive data. This weakness around secrets undermines the concepts of Zero Trust and Least Privilege.
Key Management Servers (KMS), which can safely store secrets, have been around for decades. But, unfortunately, people will take the path of least resistance, and it is far easier to place a secret in code than to take two or three extra steps and store the secret in a secure KMS. As a result, little progress has occurred in this area, and cybersecurity teams, lacking a solution, have simply looked the other way.
There has to be a better way. Finally, there is, with the recent advent of Secrets Management. Secrets Management, which is embedded in the developer processes, can ensure that developers cannot add new secrets to code and can instead easily store them in a secure KMS. It also provides the ability to take the thousands of insecure secrets that have sat in code for years and move them safely to a secure KMS. As a result, attackers can no longer mine your code and scripts for those secrets, which would have easily enabled them to compromise your data and the company. In 2023, let's start the journey to make a secret truly a secret.
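One way the "developers cannot add new secrets to code" control can work is a commit gate that inspects only the lines a change adds. The sketch below is an added example, not code from the original post or from any Secrets Management product; the function names, the regex, the entropy threshold, and the sample diff are all assumptions constructed for illustration.

```python
import math
import re
import sys

# Constructed sample: a unified diff in the form `git diff --cached` prints.
SAMPLE_DIFF = """\
diff --git a/billing/client.py b/billing/client.py
--- a/billing/client.py
+++ b/billing/client.py
@@ -1,4 +1,6 @@
 import os
-API_KEY = "legacy-placeholder"
+API_KEY = "q7Zp2LmX9vRt4KsW8yBn3HcD6fJg1TaE"
+DB_PASSWORD = os.environ["DB_PASSWORD"]
+timeout_seconds = 30
 def charge(): ...
"""

# Assumed heuristic: a secret-like name assigned a quoted literal of 8+ chars.
ASSIGNMENT = re.compile(
    r"(?i)\b([\w.-]*(?:secret|token|passw(?:or)?d|api[_-]?key)[\w.-]*)"
    r"\s*[:=]\s*[\"']([^\"']{8,})[\"']"
)

def entropy(value):
    """Shannon entropy in bits per character; random keys score high."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan_added_lines(diff_text, min_entropy=3.5):
    """Return (path, line_no, name) per added secret; the value is never echoed."""
    findings, path, new_line = [], None, 0
    for line in diff_text.splitlines():
        if line.startswith("+++ "):            # file header, not an added line
            path = line[4:].removeprefix("b/")
        elif line.startswith("@@"):            # hunk header: start of new-file range
            new_line = int(re.search(r"\+(\d+)", line).group(1))
        elif line.startswith("+"):
            m = ASSIGNMENT.search(line[1:])
            if m and entropy(m.group(2)) >= min_entropy:
                findings.append((path, new_line, m.group(1)))
            new_line += 1
        elif line.startswith(" "):             # context line advances numbering
            new_line += 1
    return findings                            # removed ("-") lines are ignored

if __name__ == "__main__":
    hits = scan_added_lines(SAMPLE_DIFF)
    for path, line_no, name in hits:
        print(f"{path}:{line_no}: hard-coded value for {name}; store it in the KMS")
    sys.exit(1 if hits else 0)                 # non-zero exit blocks the commit
```

Scanning only added lines keeps the gate from failing on secrets that already exist in the repository, which belong to the separate migration effort described above.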
Keep following to read additional takes on 2023 by SVCI CISOs!