Redefining CyberSecurity

Unveiling the Future of Cybersecurity: A Deep Dive into the LevelBlue Futures Report | A Brand Story Conversation From RSA Conference 2024 | A LevelBlue Story with Theresa Lanowitz | On Location Coverage with Sean Martin and Marco Ciappelli

Episode Summary

In a constantly changing cybersecurity landscape, staying ahead of the curve is not just a competitive advantage; it's a necessity. Recently, we had the privilege of diving into the insights of the LevelBlue Futures Report.

Episode Notes

In a constantly changing cybersecurity landscape, staying ahead of the curve is not just a competitive advantage; it's a necessity. Recently, we had the privilege of diving into the insights of the LevelBlue Futures Report, a comprehensive annual thought leadership report that offers a glimpse into the future of cybersecurity and resilience. Join us as we unravel the key takeaways and implications of this groundbreaking report.

Exploring the Landscape

The LevelBlue Futures Report covers the core challenges and opportunities faced by organizations when it comes to cybersecurity and resilience. In a candid conversation between Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity and Agent of LevelBlue, and Sean Martin, the stage is set for an enlightening discussion on the pressing issues at hand.

Key Insights and Findings: A Closer Look

As the conversation unfolds, we are introduced to critical findings from the report. From the changing role of the economic buyer to the imperative of aligning cybersecurity with business objectives, each insight sheds light on the evolving dynamics of the cybersecurity landscape.

Challenges and Barriers: Addressing the Reality

One of the stark revelations from the report is the prevailing challenges and barriers that hinder organizations from achieving cyber resilience. From the lack of a formalized incident response plan to the reactive nature of cybersecurity practices, the report highlights the urgent need for proactive and intentional cybersecurity measures.

Looking Toward the Future: A Call to Action

Despite the hurdles and complexities inherent in cybersecurity, the LevelBlue Futures Report serves as guidance for organizations seeking to bolster their cybersecurity posture. By leveraging the insights and recommendations laid out in the report, organizations can embark on a journey towards enhanced cyber resilience and strategic alignment with business goals.

Empowering Change: The Role of Strategic Planning and Collaboration

A key theme that emerges from the report is the pivotal role of strategic planning and collaboration in driving cybersecurity innovation and resilience. By engaging third-party advisors, fostering cross-functional communication, and realigning cybersecurity investments with business objectives, organizations can pave the way for transformative change in their cybersecurity practices.

With the LevelBlue Futures Report, one thing becomes abundantly clear: the future of cybersecurity lies in proactive, business-aligned strategies that prioritize resilience and innovation. By heeding the insights and recommendations put forth in the report, organizations can chart a course towards a more secure and resilient future.

In an era where cybersecurity threats loom large and innovations abound, armed with knowledge, foresight, and a commitment to change, organizations can forge a path towards a brighter, more secure tomorrow.

Learn more about LevelBlue: https://itspm.ag/attcybersecurity-3jdk3

Note: This story contains promotional content. Learn more.

Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]

On LinkedIn | https://www.linkedin.com/in/theresalanowitz/

Resources

LevelBlue Futures Report: https://itspm.ag/att-cy8awv

Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue

View all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

Episode Transcription


Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.

_________________________________________

[00:00:00] Sean Martin: Alright, and uh, here we are. It's the, the event of the year, we shall say. Uh, RSA Conference, I'm Sean Martin. I'm joining you live from the show floor here in Broadcast Alley. And I'm joined by Theresa Lanowitz from, uh, LevelBlue. Theresa.
 

[00:00:18] Theresa Lanowitz: Hi, Sean. Thanks, Sean. It's great to be here with you.  
 

[00:00:21] Sean Martin: I've seen you running around and presenting and all kinds of fun stuff. 
 

And it's been a good week. I'm gonna presume for you as well.  
 

[00:00:28] Theresa Lanowitz: Oh, an exceptionally good week. Yes. Absolutely.  
 

[00:00:30] Sean Martin: And a lot of, uh, a lot of news, which we'll talk about in terms of And more importantly, some research the team has done, and we're going to talk about that as well. Quick, quick word about who you are, Theresa, so folks know.
 

[00:00:43] Theresa Lanowitz: Sure, I'm Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity and Agent of LevelBlue. So, that should give us probably the first jumping off point as to what we're going to talk about.
 

[00:00:54] Sean Martin: It should. So, it's always fun to bring something new to market. And the theme this year, I'll just go ahead and say it, is the Art of Possibility. 
 

So an injection of passion and excitement and research and everything. Tell us about LevelBlue and what's going on.
 

[00:01:10] Theresa Lanowitz: Passion, excitement, innovation, lots of interesting things. So on Monday, May 6th, the first day of RSA Conference 2024, an alliance between AT&T and WillJam Ventures was announced, and that is LevelBlue.
 

And what LevelBlue is, is a strategic extension of your team. And we provide that strategic extension of your team through our cyber security consulting to help protect your business intelligence. Our managed security services to help predict your security investments. And our LevelBlue Labs, our threat intelligence team to provide you with visibility to help you mitigate risk and foster innovation.
 

And then the fourth pillar is really what we're going to talk about. Our thought leadership research.  
 

[00:01:55] Sean Martin: And of course driven by data, analyzed by the team. Communicated with customers and prospects and partners to really understand what's going on, what do we need to do, how do we get to a safer, safer place. 
 

And, tell us a little bit about the history of this report.  
 

[00:02:14] Theresa Lanowitz: So this report, as I mentioned, is our annual thought leadership report and research that comes out once a year. And we RSA because there's just so much excitement around new things coming out, new research coming out. So this report previously was called the AT&T Cybersecurity Insights Report.
 

And for the past few years, we've focused on cybersecurity and edge computing. This year, we've changed the name to the LevelBlue Futures Report. So it's the continuation, the heritage is certainly from the AT&T Cybersecurity Insights Report, but it is now the LevelBlue Futures Report. The great thing about this report is it's vendor neutral and it's actionable.
 

And it's forward looking. It's within that 12 to 36 month time horizon. So it's not 10 years from now. Here's what you should be doing. And what we did this year is we really focused on the economic buyer, the person in the organization who has to make these decisions about cyber resilience and its investment, cybersecurity and its investment, and how to align cybersecurity with business objectives.
 

[00:03:21] Sean Martin: Can I ask you? Has that economic buyer changed the profile, responsibility? I don't know if you have any insight into that.  
 

[00:03:30] Theresa Lanowitz: Well, when we went out to do the research, what we did is it's a quantitative survey of 1,050 people from 18 different countries. And we surveyed seven different vertical markets and the titles of the people that we wanted to ask these questions of, it was C suite and then C suite minus one.
 

So that economic buyer is the one who is in the organization making the decision saying, maybe I had some type of breach that I was not really able to remediate internally. Maybe I'm looking to do something different because I'm spending a lot of money on cyber security, and maybe I'm not getting back what I thought I should be getting. 
 

But here's one of the really cool stats. You know, in the past, everybody said, Oh, we have to have the return on investment or the ROI calculation for cyber security. This year, 80 percent of our survey participants, so keep in mind, it's C suite, C suite minus one. They said ROI is an outmoded way of measuring the effectiveness of cyber security. 
 

[00:04:30] Sean Martin: Interesting. Yeah. Did they say what the new way is?  
 

[00:04:35] Theresa Lanowitz: Well, they did. They did. What they told us is they, they want to align cyber security with business objectives more. They need to align cybersecurity with business objectives. And of course, the big thing that everybody is concerned about right now is cyber resilience.
 

And we have all these new regulations coming out. And what we found is that inside of organizations, there's not a whole lot of definition around the idea of cyber resilience. So there's definitely a definition. So what we're saying in our report is cyber resilience is looking at that entire IT estate and how the IT estate and the business recovers from certainly a cyber attack, but also a natural disaster, a fire, hurricane, flood, or some type of man made accident.
 

And how they cope, how that organization copes with bringing that business back online. And then Cyber Resilience is looking at the cyber security estate. And so, an example I like to use to differentiate cyber resilience from cyber security resilience is let's assume we have a river with moisture sensors and when the water rises to a certain level, there's a series of events that happen. 
 

It triggers warning systems for people living in the area to evacuate. It brings on warning systems to say, you know, EMTs need to respond to that sort of thing. So let's say there's a hurricane that comes through, takes out those sensors, and now people living near that river, they have no idea what's going on.
 

That's where cyber resilience comes in. You have to bring in your cyber security team, of course, but your IT team, your facilities team, line of business, possibly legal, the application developers who worked on maybe those mobile apps, maybe some part of your supply chain has to come in as well. Maybe you're outsourcing those mobile apps to another agency or so on. 
 

So that's cyber resilience, being able to recover from that disaster and coping with it. Then cyber security resilience, we take that same example and for cyber security resilience, let's say there's a DDoS attack against those IoT, those sensors, those IoT sensors. Yes, the cyber security team has to be able to remediate, be able to separate that DDoS traffic into legitimate traffic versus malicious traffic.
 

So that's how we've focused this report.  
 

[00:07:00] Sean Martin: So, as you're describing this scenario, all I can think of is that that's one specific thing that, of probably hundreds, thousands, that an organization needs to consider. So you mentioned that many said they didn't have a definition or an understanding of what resilience was. 
 

[00:07:20] Theresa Lanowitz: Right.  
 

[00:07:20] Sean Martin: What you just described is complex for me, I'm sure it's the same for them. Is that complexity and the lack, because one of the findings, I think, in the report was not many had a view for how they actually could achieve resilience.
 

[00:07:35] Theresa Lanowitz: Correct. 72 percent of governance teams said they don't understand cyber resilience or how to achieve it. 
 

And some of the other barriers are, we have new regulations coming in and some of that information is unattainable today. Some parts of the organization are saying, we're funding cyber security, why do we need to fund cyber resilience? Other barriers are the executives just don't understand it. So, it starts at the top, and then you see all of this new innovation happening. 
 

Computing innovation is happening, as we all can see here at the show, it's happening at such a rapid rate that 85 percent of our survey participants said, when we start to bring in more innovation, we know we're innovating with this idea of dynamic computing. Computing beyond the four walls of the organization.
 

85 percent said yes. That innovation is bringing in risk, but the other side of that is 74 percent said yes, innovation brings risk, but innovation outweighs risk. And so here we are at a cyber security show where all we're talking about is risk mitigation. How do we deal with that now?  
 

[00:08:47] Sean Martin: That's the big question, and I've been chatting with some CISOs this week, and, and repeat myself, uh, from some of the other conversations I had, but there seems to be a bigger draw, you mentioned IT systems and then cyber kind of in here.
 

There seems to be a bigger draw for the CIO to really take on some of the role, that's why I asked about the role in the survey as well. The role of resilience to include cyber, not, not to say here's IT resilience and then cyber is coming. I don't know if you're seeing similar thing where it's, it's really being embraced or more of a partnership instead of separate?
 

[00:09:27] Theresa Lanowitz: It needs to be more of a partnership. And I think the CIOs, the CISOs that you were talking to, where the CIO is being asked to take on more of the resilience, they're further ahead on the curve than most. And what we found is that cyber security, 64 percent say it is still very isolated. It's still an afterthought. 
 

So all of this talk about how cyber security has gone from a technology problem to a business requirement, it is still isolated. And we found only 35 percent of our survey respondents, and so keep in mind this is C suite, C suite minus one, only 35 percent say that they have a formalized incident response plan. 
 

[00:10:11] Sean Martin: That's shocking.  
 

[00:10:11] Theresa Lanowitz: That is, I, I think it is, but it isn't.  
 

[00:10:15] Sean Martin: True. You know, it's shocking, but expected. Right. Sadly, I guess. So, if only roughly a third have a formal program, presumably only a subset of them have playbooks and have practiced them as well. Right. So even a bigger, even if they have a defined program, they probably aren't ready to respond properly.
 

Correct, correct.  
 

[00:10:41] Theresa Lanowitz: And that speaks to the fact that cyber security is still an afterthought. Right. That it's still siloed. And what we also found is that cyber security, there are external triggers that happen that say, Oh, you can have some cyber funding. So a breach, a competitor's breach, a supply chain issue. 
 

So all of those external types of things, people say, Oh yes, of course, cyber team, you can have more money. So it's very reactive. So what we're still seeing after all these years is that the cybersecurity team, unfortunately, and they all know this, and they need to figure, they want to figure out ways to do better, we still see that cybersecurity is reactive and transactional versus proactive and intentional.
 

And what we uncovered with this research is the more that cybersecurity investment can be aligned with what the business objectives are, and the more you can have that cross functional communication internally, but bring in those external trusted advisors to help, the better off you're going to be.
 

[00:11:46] Sean Martin: So let's talk about that, because I'm hoping there's some positive news, a silver lining. 
 

So clearly understanding where we are with a view of the future, the insights into where we want to go, we can begin to take that journey. So is there anything in the report that you can highlight that suggests there's a desire and an action and an investment in, uh, and a plan to, to make that happen, or make something good happen here.
 

[00:12:15] Theresa Lanowitz: Absolutely, and I think that across the board, everybody has good intentions. And it's just a matter of getting all these different moving parts together and delivering an outcome. And as we talk about these third party trusted advisors, one of the nice pieces of data that we have is that it says that for these more strategic activities, such as strategy and planning, data management, architecture, they're going out and they're looking to that third party trusted advisor to come in and help them. Right. And then once they get to endpoint management, application development, quality assurance, they have that architecture set. And I come from an application development background, and one of the things we know in application development is the better your requirements are, the better your architecture is, the easier it's going to be to develop that system, to develop that use case.
 

So we're, if we're seeing these, these more strategic things, strategy and planning, architecture, data management, be more proactive in bringing in somebody to help them understand it, we should be able to see big wins.  
 

[00:13:21] Sean Martin: Talk to me about, uh, the, there was a point in the report about, uh, complexity as well. 
 

Cause I think some, what you just described in terms of having a nice foundation, and an architectural baseline to work from, in some ways, can perhaps reduce a lot of the noise and complexity as well, which does two things. Makes it possible to achieve things, but also reduces the exposure. Correct. Things as well, right?
 

Correct. So any insights from there?  
 

[00:13:53] Theresa Lanowitz: I think you summed it up pretty well there. I mean, if you can manage these things, you can reduce your exposure. But complexity just continues to grow. We never throw anything away. We still have mainframe client server. I was talking to a CISO from a fairly large organization the other night and he was saying, he was telling me some of the commercial off the shelf tools that they're still running. 
 

And I was shocked by what, I guess I was, and I wasn't shocked by what they're running. So things that are 30 plus years old, so they're still out there. And that complexity is there. And it's something that we have to manage. With innovation. What we found out is that 80 percent of our survey respondents say that they struggle with the cybersecurity controls to implement because the innovation is increasing at such a rapid pace. And maybe they weren't doing these things with the other parts of the, the business, the other use cases that they were focused on protecting. But now all this innovation comes in as dynamic computing and we're suddenly outside the four walls of the organization.
 

Right? The perimeter has been dissolved for a long, long time, and what we also found out is 79% said they do not know what the impact of an attack on their organization is. And that's, that again is, is, is
 

[00:15:10] Sean Martin: So don't find out?  
 

[00:15:10] Theresa Lanowitz: Yeah, well it talks to the whole idea of being reactive. So cyber security teams are still reactive. 
 

These outside activities happen and they have to go into action.  
 

[00:15:22] Sean Martin: Well it's interesting that a lot of these points really reinforce the others. Yeah. Um, sometimes you might have conflicting ideas. Conflicting stories there, but it's interesting that these all align. Tell me about how organizations can leverage the report, maybe to take a step back and think of, think how, what the next step might be for them. 
 

So, clearly we identified, right, what's the definition of resilience, what does that mean to us, do we have a response plan, how do we move forward with that. Are there things in the report that organizations can, I'm thinking of security leaders, can say, This is us. We need to look at ourselves internally with a good looking glass.
 

And we probably need somebody to come in with fresh eyes to say, We see how you look. We've seen it a million times in other organizations. Here is the best possible step forward.  
 

[00:16:24] Theresa Lanowitz: Yeah. Yeah, one of the things that we're advising people to do is download a copy of the report, read it, mark it up, see where you fit into that report, use it as a guide post to start those discussions in your organization. 
 

Now you can go with quantitative information to your senior leaders, to your C suite, and say here's what's going on, here's what's holding us back from being cyber resilient. Here's what's holding us back from delivering stronger business outcomes. Because we all know that the innovation is about delivering better business opportunities, delivering higher revenues, giving you better visibility into your supply chain, and so on. 
 

So use it as a guidepost, and then go have that conversation with your senior leaders. But before you have that conversation, identify what your barriers to cyber resilience are, understand about being secure by design. How are you going to make sure that security is not left until the very end or it's not a reactive situation?
 

And then, as you mentioned, bring in those trusted third party advisors, people who have done this in the past, and then align those cyber security investments with your business investment and just rethink the strategy of your entire cyber security organization. Are you a reactive organization or are you a proactive organization? 
 

Aligned with business to deliver better business outcomes.  
 

[00:17:52] Sean Martin: I love it, Theresa, and I think the other good thing I've heard quite a bit this week is, don't... I don't want to say don't. We're in a much better position if we can attach, we cyber security can attach, ourselves to the bigger resilience
 

[00:18:11] Theresa Lanowitz: Yes  
 

[00:18:12] Sean Martin: picture. 
 

I think executives are they're focused on that. They see it around them. They've seen it themselves where, and you pointed out some of them don't have response plans, so they probably experienced an issue dealing with something. Um, if we can be part of the bigger resilience view, more likely are, it will be that we actually get included in the solution to
 

[00:18:37] Theresa Lanowitz: Exactly. 
 

If we can be part of that solution and show how we can be part of that solution and show how  
 

[00:18:43] Sean Martin: That's not an easy conversation though, right? Right, right. So having, having experienced That's at that level is critical.  
 

[00:18:51] Theresa Lanowitz: Exactly. Exactly. And that's, I think, is how this report can help so many cybersecurity professionals have that conversation. 
 

The report is written in a very business friendly style to be able to have that conversation with the senior leaders and the economic buyers in the organization.  
 

[00:19:08] Sean Martin: Perfect. Well, Theresa, it's been fantastic. Can you, uh, I didn't bring the report with me. I should have held it up. The name again of the report.
 

[00:19:18] Theresa Lanowitz: It's the LevelBlue Futures Report and our listeners can get it at levelblue.com.
 

[00:19:23] Sean Martin: Perfect. And of course we'll include a link to that and a link to your profile. Hopefully people connect with you. Great. Have a good chat because I think it's important that we have this conversation at the business level and at the broader cyber resilience, or broader resilience level.
 

And it starts with you, I'd say.  
 

[00:19:40] Theresa Lanowitz: Great. Thank you so much, Sean. It's wonderful to be here with you.  
 

[00:19:43] Sean Martin: Pleasure to chat with you and thank you everybody for listening and watching this on location brand story with LevelBlue and Theresa. Please do connect with the team, download the report, check it out. See where you fit.
 

See where you want to go. Identify how you're going to have that conversation. Bring Theresa and team in to help, and we'll all become a little more resilient. Awesome. Awesome. Thank you so much. See you everybody.