CISO priorities must shift in a heightened threat landscape

Having a more nimble response to cybersecurity issues as they arise is becoming vital – but how do you do that safely?

For chief information security officers (CISOs), the world is looking increasingly dangerous. The cyber threat landscape appears less secure than ever – putting the onus on CISOs to try and step in to shore up defences. “The cost of the attacker to compromise you is going down,” says Rob Demain, CEO and founder of e2e-assure, threat detection and response specialists. “The adoption of new tech has meant that it’s less expensive for attackers,” he says. “When it’s less expensive, that broadens the targets, which means more people are brought to the attention of hackers.” 

Those overseeing their organisation’s cybersecurity are well aware of the risks, but they’re also conscious that their investment and security often can’t keep up. In all, 42% of cybersecurity decision-makers said their operations were underperforming, according to a recent e2e-assure survey. 

The cyber threat landscape appears less secure than ever – putting the onus on CISOs to try and step in to shore up defences

The problem is often that security professionals agreed security operations centre-as-a-service (SOC-as-aservice) contracts with service providers years ago when cybersecurity became a risk. Those initial agreements, which often lock in customers for years at a time, were ill-suited to adapt to the changing security environment. “What’s happening is that attackers are moving quicker,” says Demain. “They’re using attacks in different areas. And a lot of organisations are finding that they aren’t prepared for that in terms of the outsourcing arrangements, which are quite inflexible.” 

This gap between what CISOs need and what they can currently access is exemplified by e2e-assure’s 2024 threat detection research, which shows CISOs are seeking greater speed, more control and better resilience as the main priorities they look for in a provider. The problem is that existing SOC-as-a-service providers often don’t offer those key components that businesses now seek out. “Traditionally, it can be slow,” says Demain. This, naturally, causes frustration among decision-makers. 

Beyond that, the way that SOC-as-a- service traditionally works is to be reactive, rather than proactive, in defending organisations from cyber incursions. Demain compares it to a fire alarm, where outsourced providers usually inform customers that they’re being attacked, but don’t always explain what to do about it. “It’s very much a passive arrangement this way,” he says. At the point at which an organisation is attacked, it’s arguably too late to do anything about it – something CISOs who find themselves falling victim are increasingly conscious of. 

“A lot of traditional services function by responding to the actual encryption or the ransomware events,” Demain says. That’s far too late to make a meaningful difference. “By the time that’s happened, it’s too late to fix it. So, what we should be doing is looking for the spark, which is what we call initial access techniques,” he says. “What we try to focus on is detecting the early stages of attacks. It’s much easier to take action to stop them at that stage.” 

A proactive approach is what e2e-assure offers its customers. Rather than locking in businesses to long-term, inflexible contracts, the company offers flexible, agile contracts suitable for the modern workplace. The firm also offers modular services that can be adapted to a business’s needs, rather than what the provider wants to sell them. “Change costs a lot of money,” says Demain, and e2e-assure’s modular approach means it’s possible to do so without breaking the bank. The company works with clients to assess their specific needs and develop a solution that works for them and their requirements. 

And rather than being impenetrable, e2e-assure offers its automated, always-on security operations in a way that is simple to understand, with a dashboard available through its Microsoft Teams app. This easily allows businesses to review, respond and remediate any issues that may arise. Having a continuous security assessment can make the difference between keeping your business secure, says Demain, or falling victim to the latest cyber attack. 

“CISOs need to be in control,” says Demain. “It’s their business they’re protecting. They can keep in touch with us, but they want to be informed and have authority over decisions that impact the safety of their business.”

For more information please visit e2e-assure.com