What lessons every CEO can take away from the Target Breach

Based on the recent leadership changes within Target (http://money.cnn.com/2014/05/05/news/companies/target-ceo-out/), CEOs from all industries should be taking note and seeing the importance of listening to your security personnel and investing in your cyber security programs. Cyber security has always been looked at as an overhead expense that is last on the list of funding, behind production operations and customer-facing infrastructure. Every enterprise pays for physical insurance and security, so why not make the same investment in your cyber security program?

Cyber security is what keeps your intellectual property and customers safe from exploitation. Not enough companies fund and politically support their cyber team, which leads to a lack of the people, process and technology needed to protect your business from the malicious actors that are targeting your data. I have worked for several different leaders in several different industries with several different thoughts on the matter, and it comes down to one question: what is your tolerance for risk? Are you going to spend the upfront money to implement a proper security-in-depth solution that can prevent the next data breach? Or will you decide to pay whatever fines, fees, and loss of reputation are incurred by a breach?

The question then becomes: how can I, as a CEO or senior leader, best support my security teams in implementing the right solutions to protect the business? This includes the financial and political support to implement the correct technologies, and the people to support and monitor them efficiently, with the authority to enforce security policies. According to the findings from our honeypot network (http://en.wikipedia.org/wiki/Honeypot_(computing)), roughly 14% of the malware delivered to our honeypots successfully bypassed antivirus controls. There have been blogs and tweets stating that antivirus is dead because it is a signature-based technology. Antivirus is far from dead; it will always have a place in a security-in-depth solution, but it cannot be the only layer. That strategy needs to include security for your hosts, servers, network, and applications. Examples are tight firewall rules and router access control lists, application firewalls, intrusion detection/prevention sensors, NetFlow analysis, deep-packet forensic collection, log management, antivirus, file integrity monitoring, malware protection, and encryption.

Making the investment to implement a proper security-in-depth solution is what every CSO/CISO should be recommending, backed by the financial and political support of the CEO and all senior leadership in your enterprise.