Hi! I am Nick Gipson, the Director of Cyber Operations here at Pareto Cyber. This is Part 3 of my 10-part series on “10 Things I Hate About Cybersecurity: A Love Story” where I dissect the problems within this industry and my personal encounters with them. You can find the other parts of this series here.
Many companies find themselves trapped in a Catch-22 scenario with their security operations:
- They need somebody sufficiently experienced to oversee their entire cybersecurity program.
- Their budget isn’t large enough to hire a great in-house chief information security officer (CISO).
Because they can’t find a solution, the entire organization’s cybersecurity is at risk.
Why It Matters
While a sharp security operations center (SOC) manager can do quite a lot to protect your business’s data, there are limits to how much they can accomplish.
Our clients often complain that their staff is falling short of their cybersecurity needs. Honestly, I’m not surprised. Most general IT and infrastructure staff don’t understand security at that level and can’t effectively deal with modern cyberthreats.
I think one recent example from Pareto shows just how important having an experienced security specialist can be.
We were helping a new client with a complete overhaul of their Amazon Web Services (AWS) cloud. What we saw was a complete mess:
- Many services and accounts were orphaned.
- Root accounts were used interactively by their administrators
- No MFA was implemented on user accounts
- No VPN or SSO system was installed
- No AWS organization global view for the account
- No cloudtrail log forwarding to SIEM
- No security token management
All of this mismanagement added up: the company was extremely vulnerable to data breaches. Users with AWS accounts could access the entire AWS environment. Security staff didn’t monitor logs. Even if a breach occurred, the company may not have even noticed.
When we stepped in, we worked not only on improving their AWS cloud, but also ensuring that all other parts of the business’s digital infrastructure were managed correctly. After a thorough assessment, we presented detailed reports with specific large-scale recommendations to improve the client’s cybersecurity posture both immediately and in the long term.
What Can We Do?
To solve the CISO conundrum, you need to escape the trap of requiring in-house staff for all of your security operations.
Outsourcing can provide you with the expertise that your organization desperately needs without the costs and resources that finding a full-item specialist requires. With a good vendor, you can outsource someone who can make overall security program recommendations for your organization. This kind of expert can direct the rest of your staff to ensure proper maintenance of all of your systems.
At Pareto Cyber, we have a Virtual-CISO (v-CISO) program to serve exactly this need. We can command and control a client’s entire cybersecurity program and assist with protecting their organization in a much more comprehensive way than by simply detecting and remediating threats.