Armorblox hosted five Inner Circle dinners for CISOs across the United States in 2022, taking place in San Francisco, Los Angeles, Houston, Minneapolis, and New Jersey. Each CISO Inner Circle Dinner featured a sponsored speaker, with discussions focused on current trends and best practices for the CISO community.
These dinners give CISOs an intimate opportunity to meet, learn from peers, and discuss best practices on the high-priority items that are top of mind for the CISO community.
As the key sponsor, Armorblox heard the following key insights from CISOs across these dinners:
“Security is not the house of NO”
CISOs spoke at length about the preconceived notion that security teams ultimately answer ‘no’ to requests. Changing this mindset requires a broader agenda, and educating the business on security priorities comes first. CISOs said the conditions attached to every request should be made clear, so that the answer is not ‘no’ but ‘yes, but’. To change this perception, the security organization’s role has to become educational: explaining the reasoning behind its answers so that requesters do not just hear ‘no’, but learn how to get to ‘yes’. CISOs drew an analogy to cars: cars have brakes so that you can drive fast. Similarly, security processes are in place so that businesses can run quickly. Security teams must accept the role of enabling and educating the business, with the goal of helping the organization execute faster, not preventing it from running in the first place.
Decentralize risk management across the organization
CISOs agreed that decentralized risk management is the best approach when it comes to protecting sensitive and private information. The discussion led to the suggestion that individual departments be brought into the risks attached to the requests they make. This creates broad-based buy-in for decisions about security and the associated risk exposure, rather than relying on one team to sign off and carry the risk for every request. Decentralized risk management also creates space for discussions about security budgets and how costs are divided between the security organization and the business units bringing these requests forward. A decentralized but unified approach gives decision makers at both the leadership and board levels a better framework, ensuring changes are based on a unanimous understanding of the inherent risks.
“Drill, drill, drill”
Staying ahead of an ever-evolving set of threats requires an organization to be tested periodically. Red teaming, simulated phishing attacks, security awareness weeks: these are all equally important in making sure the company is ready in the event of an attack. CISOs discussed the importance of continuously running drills, rehearsing scenarios, and giving red teams the ability to create chaos and see whether the organization can recover; only then will you truly know whether your organization is ready for when, not if, an attack happens. This requires resources and time carved out of the security team’s agenda, plus executive buy-in for these initiatives, in order to be executed successfully. CISOs agreed that the key components of staying ahead of evolving threats are raising security awareness and strengthening security posture across the organization. The best way to get there? Keep running drills and scenarios that put your infrastructure at risk and bring down the network; only then will you know where the gaps are and how to improve your defenses.
Use cyber insurance renewals judiciously
CISOs reflected on the reasons behind the sharp increase in cyber insurance premiums many have seen over the past 18 months: phishing attacks originating from compromised vendors, partners, and distributors; data leaks from compromised internal accounts; and millions lost through fake invoices and wire transfer requests. “Never let a good crisis go to waste” was a key sentiment in response to these heightened premiums. CISOs agreed that when there is a breach, each scenario should be used to the security team’s advantage. Explaining the reasons behind an increased premium can highlight the needs of the broader security team, for example more headcount or better security solutions.
The discussions at the Armorblox CISO Inner Circle Dinners focused on the rise of sophisticated threats and the need to ensure improved security solutions are in place to combat them. This also means that CISOs may be looking for an increased budget, or to revisit current priorities so that a flat budget still reaches the level of security infrastructure the organization needs. The first step is changing the preconceived notion that security organizations are stuck at ‘no’; education and enablement can go far as long as the time and resources are available.
View our recently published 2022 Email Security Threat report for key insights and stats on which targeted attacks organizations are most vulnerable to.