intelligent

• Information overload : With the plethora of tools available , it would be hard to find a CISO short of information . The vast majority find themselves suffering from information overload ( lots of visibility , but little context ).

• Cloud adoption : Enabling cloud transformation is now a key focus area for UK security leadership . BlueFort ’ s 2022 CISO Survey found that more than half ( 57 %) of CISOs use multiple clouds and 37 % utilise a single cloud environment . Securing the cloud and cloud-based applications must be a priority , yet it remains one of the biggest visibility roadblocks for organisations today .

• Skills gaps : The compounding effects of information overload , high shortage of cybersecurity skills and regulatory compliance burdens , drains the already limited resources allocated to threat detection and response .

• Employee churn : Most CISOs are also losing track of movers , joiners and leavers across the business . This is a common security challenge encountered by organisations resulting in lost data on leavers ’ machines .

• Employee working behaviour : Employees routinely practising insecure working behaviours like connecting to public Wi-Fi and not flagging suspicious or malicious emails only makes the situation worse .

• Changing external threat landscape : Cyber-risks are on the rise . The volume and variety of attacks , especially ransomware , are growing exponentially . According to analysis by The Stack of Common Vulnerabilities and Exposures data ( CVEs ), the number of critical vulnerabilities in 2022 was up by 59 % compared to the previous year .

Moving to intelligence-led visibility

These challenges prevent CISOs from establishing full visibility and control over their IT estate . What ’ s needed is an intelligence-led approach to visibility , one that focuses on gaining insight and context that enables you to identify and prioritise the most important threats facing your business . This requires a transformational approach , a clear understanding of which bit of visibility you are dealing with and the ability to turn that information into contextual and actionable intelligence .

The goal is for visibility to be organic , removing manual processes and reducing noise to establish visibility of all data , threats , remediation opportunities and effectiveness of existing protection . It is important to remember that improving visibility is not about seeing more problems that you can ’ t solve but solving problems before you see them . While this might sound like an insurmountable task , breaking the journey down into priority-based steps provides a clear building roadmap over time .

Josh Neame , CTO at BlueFort Security

WHEN IT COMES TO CYBERSECURITY IT LANDSCAPES ARE COMPLEX , OFTEN UNTAMED AND UNPREDICTABLE .