Xigent recently hosted a major educational networking event for executives responsible for securing their organizations’ IT.
During the second annual Siouxland Cybersecurity Forum, business leaders and security pros gathered to discuss trends and evolving best practices for modernized ITSEC operations.
Attendees were surprised to learn that many of their peers were grappling with their same issues. They left with more than a few good ideas for constructing a solution.
IT consumerization is now backfiring on businesses with substandard security. Much like the family who can’t trust their poorly trained guard dog when friends and family come around, banks are learning the hard way that popular IT security strategies pose more business risk than reward.
If not done right, securing a network is downright unfriendly to customers and important business partners. Worse, it can get in the way of business growth.
Making IT security less about features, more about benefits
At the 2019 Siouxland Cybersecurity Forum on May 16, six leading security experts discussed IT from an elevated perspective. The overarching focus was on integrating IT with business objectives to help foster a sustainable and valuable IT security operation. Management is able to perceive greater value through such a business integration.
Speakers and panelists joined with local executives to share insights into methodologies that contributed significantly to their IT security efforts. Topics ranged from performing strategic assessments that harvest cost-center value to prioritizing internal skill sets.
Endpoint monitoring is still the holy grail for security analysts. While event logs are not difficult to collect, properly managing the inflow of log data poses significant challenges. Xigent has worked with several large firms over the years and learned “the ropes to skip and the ropes to jump” for endpoint monitoring.
Monitoring event logs can quickly devolve into a quagmire for any business, especially for banks. Businesses need strategic assessments and well-designed infrastructure to make that front-line defense mechanism helpful rather than harmful.
30 Audit Reviews a Year and Still Accomplishing Valuable Work
One of the more interesting items that came from the discussion was seeing how the State of South Dakota’s IT department figured out a way to do their work while reacting to constant regulatory auditors. If you think the FDIC, OTC, FFIEC and State examiners are disruptive, imagine adding the IRS, FCC and dozens more to your schedule! The Bureau of Information and Telecommunications (BIT) contends with 30 audits a year and still has to keep the network running safely. BIT manages and secures some 1,094 business applications, 1,023 virtual servers, 975 software packages, 850 websites, 228 servers and nearly 200,000 users.
Despite all those distractions and operating with a smaller budget than most states, the Chief Information Officer for the State of South Dakota showed how his team gets non-disruptive monthly vulnerability assessments of every endpoint, and why that became such a priority.
Also instructive were his comments about the benefits of migrating to a centralized Office 365-based email.
Over the coming weeks, we will be posting videos and summaries of this and the other six presentations to our blog. Subscribe to our newsletter to get notified every time we release a new presentation to stay up-to-date on the latest cybersecurity developments.
A Refreshing View of the Landscape
Day-to-day routines can gradually lead to myopia and dangerous blind spots; without a break, they force a vision constrained to granular technicalities. Too much time in their own office can isolate executives and make them less valuable to the company.
Business conferences such as the Siouxland Cybersecurity Forum help executives take a meaningful break from their routine and to get an elevated view. Panelists and roundtable discussions help them to see the landscape, guiding their focus towards more meaningful work that aligns with strategic business objectives.
Borrow Brilliance from Security Professionals
As important as outside business events can be, busy IT execs need to have good working relationships with professionals who can help with important objectives.
Just as inter-departmental collaboration fosters innovation, so can people responsible for IT security benefit from learning from other professionals. The CISO of a major manufacturer can learn much from someone in the same role at a financial institution.
Xigent plays an important role in serving the needs of business leaders responsible for information security. We were able to assemble and host events such as the recent Siouxland Cybersecurity Forum with industry experts because we work with so many in the region. We incorporate their insights with our own to help solve real-world challenges for hundreds of businesses, including financial institutions.
Sign up for our newsletter to get monthly updates on what business leaders are talking about in the area of IT security.