author photo
By Bruce Sussman
Mon | Jan 20, 2020 | 7:00 AM PST

Visibility within your network and across your organization is difficult enough.

However, there is something else to consider when it comes to visibility.

Fred Kwong, Chief Information Security Officer at Delta Dental, tells SecureWorld that external visibility must also be part of your cybersecurity strategy.

We interviewed Kwong after he presented at SecureWorld

How does external visibility relate to cybersecurity?

Here are excerpts from our Q&A with CISO Kwong:

[SecureWorld]  Explain what you mean by external threats: what does the big picture look like?

[Fred Kwong]  The concept is, as security practitioners we often focus our energy on internal controls. That's important, however, there are a lot of things outside of our organization that we have no control over but we need to have some visibility around. And those are things that happen in the Dark Web, in social media presence, in simply understanding that a lot of bad things can happen to our brand outside of our control. This leads to an important question for organizations. How do we measure or control or quantify these pieces which pose external threats?

Where does external visibility intersect with cybersecurity?

[SW]  And where does cybersecurity intersect with this problem?

[Kwong]  I think cybersecurity plays a bigger part than it used to. In the past, when the internet was not the thing that it is now, external brand control was really more brick and mortar, on paper, and really handled by marketing and communications and PR.

But today, when you think about our 24-hour news cycle, when you think about the social media presence of our executives and of our company brand, cyber needs to play a key role in that. We typically understand the technologies, and gain understanding into how we can integrate with these technologies and how to address these technologies, in terms of false information or negative information.

How do cybersecurity teams works closely with communication and marketing?

[SW]  One of the things you mentioned was this idea of working very closely with communications or marketing. How does this look within an organization?

[Kwong]  When you think about our incident response processes or about tabletop exercises in general, they help us prepare ourselves as an organization. They also help us understand when we do have an incident and it is social media-based or external to our organization based, these are our key partners that are going to help us through the situation.

And for them to have an understanding of our world and us to have an understanding of their world, we can collectively come together and have a response, end to end, to address whatever that incident is. This is critical for the reputation of the organization.

[SW] Can you unpack a few examples?

[Kwong]  So one concept is that you have a doppelganger domain that kind of looks similar to yours—so maybe it's "secureworldexpos.com" instead of "secureworldexpo.com." And all of a sudden, someone is trying to grab credentials from that or from your customer, or they could be trying to attack you or your employees.

The same thing goes for executive presence. If you have a CEO of a well-known organization, especially one that's publicly traded, spreading false information about that executive could potentially lead to a stock loss or even a gain depending on what that person is trying to do.

[SW]  Lastly, we are sure you have a million things to do. Being here at SecureWorld, you must believe in cybersecurity collaboration. Why is this?

[Kwong]  If you think about security as a space, it's still very young. In the 80s we were pretty much just firewall guys, or controls folks from a GRC perspective. However, this space is ever-evolving and ever-changing, and it's hard for everyone to keep up with everything.

In order to be successful in this role as security leaders or practitioners, we have to share information, we have to collaborate, we have to understand from each other: what are you seeing? What has worked, what hasn't?

Conferences like SecureWorld are great for that collaboration to happen, where you can meet with your peers, meet with some key strategic partners, and understand what's happening in this ever-evolving world of security. It helps us understand how we manage everything and keep ourselves sane while doing it!

Keep your cybersecurity sanity going this year.

Collaborate with your cybersecurity peers at your regional SecureWorld conference when it happens.

[RESOURCE: 20 Cybersecurity Quotes for 2020]

Comments