Cybersecurity is a field steeped in innovation. On the offensive side, threat actors continually develop new malware, expand their attack tactics, and discover new vulnerabilities to exploit. The defenders, meanwhile, must innovate new means of detecting and preventing these attacks in a bid to keep ahead.
The harsh reality is that if you’re not one step ahead of the attacker, you’re their next victim.
But while the need to innovate is clear, the reality is often very different. Chief information security officers (CISOs) are constantly faced with the struggle of keeping up the pace of emerging technology and balancing limited budgets and resources that must cover multiple security needs.
CISOs must find a way to overcome this and work as early adopters to keep their companies safe.
Why Is Security Innovation so Important?
Cybersecurity is a resource-intensive industry. Keeping up in this sector requires continual investment, but many companies naturally balk at this idea. And indeed, if you think of security along the lines of other business investments, the continued momentum of cyber seems extravagant. Most physical assets will last for many years before needing to be replaced, and companies are comfortable retaining old, outdated IT hardware and software for years, only updating them when the need becomes critical. If it’s not broken, why fix it?
Under this mindset, business leaders will often look at the array of security solutions they have already invested in and decide it’s enough. Why expend more budget when they already bought new solutions last year?
However, this is a deeply flawed argument because the security landscape's fluidity makes cybersecurity very different from normal business investments.
Cyber tools are actually more akin to military assets. The term cyber warfare isn’t used idly — both fields are a case of cat and mouse, with two sides investing in innovative new weapons and tactics to outdo the other.
And just as no army would go up against tanks with muskets, businesses cannot afford to fall behind the latest tools and tactics being deployed by threat actors.
Anti-virus, for example, was a key defensive tool for some time, but today any cybercriminal worth their salt is easily capable of bypassing standard anti-virus.
This is not to say that every previous piece of security technology is fit to go the way of the musket. But organizations must be aware of the way the threat landscape is shifting and be prepared to match the innovation of threat actors with their own advancements.
How Can CISOs Take the Plunge and Become Early Adopters?
CISOs should always look ahead and consider how they can innovate and improve their security strategies.
However, turning this intention into action can be difficult, especially when they also need to convince non-technical budget-holders to greenlight their investment choices. Finding the right solution can also be difficult in a field as large and fast-moving as security.
As a result, companies will often hold back and wait for others to take the risk of investing in new and unquantified technology first before joining them once some big-name companies have taken the plunge.
Many CISOs will also see what larger analyst houses like Gartner, IDC and Forrester have to say before they make their move. But following this route can actually mean going backward. While sticking with tried and tested products does minimize risk, it also means missing the chance to be truly at the forefront of innovation. This is true of most fields but especially pertinent in security. Once a solution has been around for a few years and becomes mainstream, cybercriminals will already be working on a way to bypass it.
Instead of following the herd, enterprises should look at their own needs. They need to ask themselves if they can afford not to have an innovative new solution, and if the expense and risk of investing in the unknown are outweighed by the impact of a serious breach.
Some of the best cyber innovations are the ones that tackle old problems in new ways. For example, we focus on stopping data exfiltration. While there are many solutions geared around solving this problem by trying to keep the criminals out, we take a different approach. We assume the criminals will get it, so we focus on stopping thieves from getting out of the building with the crown jewels.
CISOs can also dull the risk of investing in innovative new solutions by looking for ones that will require a minimum of manpower and resources. Some technology billed as disruptive to the market can also be disruptive to its users, requiring extensive implementation and specialist knowledge. Security technology that can be installed with minimum disruption and maintained without a heavy hand from specialists will be less costly, less risky, and provide a better ROI.
Where to Start With Seeking Innovation
Finding innovative security solutions often means looking off the beaten path. While it is beneficial to keep track of the larger analyst houses and investments made by big organizations, CISOs that want to keep ahead should also keep an ear to the ground to other sources. Diversifying out to follow other analysts can uncover more options, especially when it comes to analyst houses that specialize in cyber research.
Joining industry forums and events can also be a useful way to find out the latest buzz, with more specific searching to delve into particular solutions and find out what the word is.
The explosion in the cyber industry’s growth is due to the increase in the number and severity of attacks. But the increasing threat makes it obvious that many of the solutions on the market are no longer enough.
CISOs must be early adopters and explore emerging cyber technology if they hope to keep ahead of the curve.
This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here.