Eyal Firstenberg, vice president research, LightCyber, said improving security is going to take a combination of technology and training.
"There is a need for fast and accurate alerts and notifications, which ultimately determine the outcome of these cyber engagements," he said, but added that "organizations need more professional diagnosticians on staff who are trained to know what threats are real and need to be addressed, and which ones aren't."
Ashley Hernandez, an instructor for Guidance Software, calls for more communication among organizations. "Security professionals need to have a way to share intelligence about patterns or attack types to others in their industry or trusted security groups," she said.
Clyde notes that ISACA "has a number of programs, from risk governance frameworks like COBIT 5 to the Cybersecurity Nexus (CSX), to ensure cybersecurity professionals have the skills they need to defend enterprises from the plethora of threats."
Finally, Loomis offers a short list:
- Improve procurement processes. "It takes too long to buy new tools," he said.
- Start educating your staff on what the DHS and NIST Frameworks really are. Read the MITRE book on the 10 strategies to a world-class SOC.
- Stop believing the marketing and get real-world feedback on tools. "Security has put a lot of money into marketing, but that doesn't mean the solution is right for the organization," he said.
- Run simulations. "When was the last time a company ran a real cyber drill?" he asked.
- Stop following paper policy. "Militarizing your team, running drills, making it second nature is what will help the response process, not following a checklist," he said.