5 priorities for CISOs to regain much-needed balance in 2022

Here’s what security leaders need to do in the face of rising stress levels and cyberattacks

Nearly 9 out of 10 CISOs say their existing systems secured their enterprise through a shift to remote work, an ongoing labor shortage, and a huge spike in cybersecurity attacks. But that success came with a price: 64% say they’re more stressed out than they were a year ago. 

How can CISOs navigate a new set of challenges in 2022 while also regaining some much-needed balance?

We asked CISOs, security practitioners, and other experts where security leaders should be investing their time, energy, and resources in the year ahead. Here are five areas across workforce, tools, and methodology that they say should be priorities in the new year.

Key takeaways
  • Complex hybrid work environments will keep changing the demands on CISOs
  • CISOs should accelerate adoption of Zero Trust strategies
  • Training and employee programs must expand to business and time management skills

1. Secure your hybrid workforce

The transition into long-term hybrid work environments presents security challenges that few enterprises have encountered, says Katie Teitler, vice president of research at TAG Cyber, a cybersecurity research firm.

“In 2021, it was all about securing remote work,” Teitler says. “Hybrid work is a different paradigm. CISOs have to balance worker productivity with security in a way we’ve never seen.”

If 2021 focused on security fundamentals, 2022 will be the year of identifying opportunities for improvement, with security pros becoming more adept at tactics and processes for ensuring every device is locked down. Security chiefs will need to manage access and establish governance for a constantly changing mix of in-office and at-home employees using personal and company devices — some of which escaped important software patches and updates during the pandemic.

For many organizations, that means investing more in cloud-based extended detection and response, or XDR, which combines security information and event management (SIEM) with endpoint detection and response (EDR), analytics and intelligence, and identity and access management tools.

A hybrid workforce in 2022, Teitler adds, “will mean supporting more different and disparate types of technologies and access requirements.”

2. Embrace Zero Trust frameworks

President Joe Biden’s May 2021 executive order calling for improvements in national cybersecurity cited Zero Trust, a security methodology and framework built around the idea that no traffic on enterprise networks should be trusted, even if it’s generated by authenticated users.

The Zero Trust security framework is becoming an essential tool in the CISO’s arsenal, as it forces teams to rethink the way network access works and more closely scrutinize the products they rely upon.

In 2022, experts say, security teams must better understand Zero Trust methodologies and products and be ready to implement them. Many of them got a head start during the pandemic: The crisis prompted 60% of enterprises to accelerate their adoption of Zero Trust.

“Zero Trust is the opposite of the old proverb, ‘trust, but verify,’” says Nate Fick, general manager of security at Elastic. “It’s a risk management approach that translates to ‘trust nothing and record everything.’ With Zero Trust, security can become an enabler that allows smarter access to systems and data while delivering a greater level of protection.”

3. Automate security workflows

As security systems become more complex, human analysts can’t keep tabs on current and potential threats at all times. That means an increased reliance on robotic process automation (RPA) and other tools to automate workflows of rote tasks.

“Automation should free up some of the security team’s time to focus on higher level analysis,” says Teitler.

For security organizations that rely on Zero Trust frameworks, automation tools can also handle routine issues on their own and escalate only those incidents that require human intervention — returning time to overburdened security analysts to focus on higher-level threats.
