Cloud 101CircleEventsBlog
CSA's Continuous Audit Metrics Working Group is expanding! Help shape the future of cloud assurance.

News of Note: Facing Days of Opportunity, Massive Change… and AI

News of Note: Facing Days of Opportunity, Massive Change… and AI

Blog Article Published: 08/31/2023

Written by Illena Armstrong, President, CSA.

Having just recorded a podcast with one of CSA’s Corporate Members, I find myself reflecting on how far the cybersecurity industry has come.

Twenty-some years ago, cybersecurity, while getting some play with the executive suite in verticals like government and financial services, was all about the hard shell/soft center (or the castle and moat) view. E-commerce was in its infancy. Chatter was being given to viruses that shut down servers or worms that infected emails, wiped files, and slowed the internet. Firewalls, VPNs, and AES encryption were being touted by analysts, while the likes of Microsoft began promoting Trustworthy Computing and introduced Patch Tuesday.

Zero Trust strategy is where it’s at now, given our wide reliance on cloud services and the need to verify every app, user, and source of compute. Data is everywhere because of the cloud. Online commerce is flourishing. Cybercriminals are driven more by motivations of money or engaging in state-sponsored attacks or misinformation campaigns. The sheer volume and types of attacks – whether we’re talking these, supply chain, IoT, or ransomware – are challenging all industries. And beyond understanding and adopting Zero Trust principles, CxOs and their teams are also trying to come to grips with how AI will help or hurt them. Not to mention whether the likes of quantum computing will play a role in enabling even more advancements of AI and machine learning.

While there were no real CISOs in place when I entered the field (Steve Katz, the pioneer, came a couple years later), CISOs are here now and often have a seat at the boardroom table. They are actively debating the essential components needed to further elevate the role to be effective in making and sustaining marked improvements in cybersecurity and resilience strategies.

Such discussions and additional learning opportunities are vital to advancing the CISO profession and ultimately cybersecurity postures. Our one-day CxO Trust Summit on September 19th in Bellevue, WA during our annual SECtember event is all about getting this industry’s executive suite together to learn, talk shop, and gain valuable and actionable guidance that will help them in these efforts.

We will have the likes of David M. Smith, Assistant Director, Office of Investigations of the United States Secret Service; Dr. Yonesy Núñez, CISO of the Depository Trust & Clearing Corporation; and many other thought leaders on hand to share their experiences and offer their thoughts. They’ll share ways you can shore up both your security controls for your multi-cloud environments and your working relationships internally and externally that are critical to the execution and management of your cybersecurity plans.

Additionally, during this event we will have our annual tabletop exercise. This year it will be led by members of our research team and some security architects from a longtime CSA Enterprise Corporate Member that will be announced soon. For this year’s exercise, we’ll be leveraging our recently released Cloud and Compromise gaming set to take our CxO audience through:

  • Setting up a high-level cloud architecture;
  • Building a security team;
  • Adding security controls into the architecture; and
  • Integrating gameplay into cybersecurity plans to build security awareness and culture within the entire organization.

We’re in the midst of some interesting times, fellow cybersecurity pros, and while these days are a bit vexing on a number of fronts, they’re also exciting and seem to portend advantages for all of us if we take the right actions and adopt the right policies now. To reach some positive payoffs in our future, the same enthusiasm that saw us entering this space must remain steadfast as we continue to educate ourselves, adapt, and evolve.

We talk about resilience in the context of our cybersecurity and risk management postures. It also is a trait for us as individuals to nurture and strengthen. This industry, which was always fast-paced, is in a transformative state we’ve never seen before. In the next 10 years, AI advancements will continue to enable more efficiency in our operations and most certainly will be able to solve quite complex problems that humans simply cannot. Other predictions are even more breathtaking, which is why during SECtember we are also having an AI Think Tank Day on Friday, September 22nd. We’ll share more information about the experts presenting and the overall agenda after Labor Day, so stay tuned.

In the interim, enjoy the remainder of these long, summer days with family, friends… and your preferred AI-powered chatbot.

Share this content on your favorite social network today!