Cyber Security forum notes 11-24-2020

Andreas Knoefel
Andreas Knoefel Member Posts: 74 Expert
First Comment
Great discussion today in today's forum, starting with

Serving your customers who cannot share any data

This is a common challenge in the cyber security field, in particular with on-prem solutions, but also common on private, gov, and public clouds.

Our consensus was to a anchor everything in the success plan. Even if the customer has a private version with their specific goals, milestones, and dates, most are willing to share if they are on-par, ahead or behind schedule of attaining their goals and devise strategies for the outcomes we as the partner can influence. Sometimes it's just getting this to the attention of the CI(S)O to shift priorities in our favor.

In many enterprises you have an incumbant SI partner with the necessary clearances and access. Enabling them to deliver services around your solution makes them a powerful ally to track outcomes, troubleshoot issues and enable endusers. Stand up a Center of Excellence (CoE) around their services and work through their proxy.

For air-gapped environments such as SIPRNet, a human proxy of a partner gains you access to some information of relevance. Hosting a mutual environment in a "DMZ" becomes a common collaboration ground for discussions and troubleshooting.

Remote connection to their live systems or access to extensive logs are not feasible due to the quarantine routines for anything in/out of the customer.  Educate your product team on the necessity of building tools that provide your engineers with necessary data and preserve the customers security, anonymity, and compliance constraints.

Our second topic was Staying up to date in a fluent subject area.

While your solution may target a specific aspect of cyber-security, your customer stakeholders are on the hook for a lot more and you need to understand what they are facing even in a tangential area to maintain trust. 

One participant went the formal route and obtained on top of his masters and Ph.D a master in Cyber Security and is now a CISSP. The challenge with any certification is that it always provides a snapshot in time and becomes outdated. What remains a long lasting benefit is learning how to think like a cybersecurity professional. The methodology and terminology helps you to detect relevant information from the trade journals of CIO's and CISO's and other sources to keep on top.

Following the build vs. buy decision, you and your entire department don't need to be infosec ninja's. Have a few who are, and partner with industry marketing experts to evangelize together.

(Note: If you're confused by the acronyms, googling them is your first step in mastering the lingo). 

For those more audio-visually inclined teh full audio and video are available at: Passcode: A77yx#N4

The next session will be at the beginning of 2021. With Year-end and SKO's most likely in February. Check the events page and Office Hours for details.