CISSP and other security domain “paper” knowledge and testing of the core cybersecurity domains is helpful. But with the rapid change in adversary tactics and new technologies, exercising against that knowledge is critical. We must exercise our skillset to maintain vigilance on our networks day-to-day.
Both government and industry cyber readiness is critical. Often there are unanticipated vulnerabilities – in our platforms, in our behaviors – that don’t rise to the surface until we exercise and learn about the strengths and gaps in our skillset. You’ve heard it before: What you don’t know, you don’t know. Many agencies have red teams who run such ongoing testing – of systems and of people. Both are important as either systems or people can be the weakest link when protecting your networks.
Palo Alto Networks strongly believes in and supports such testing for cyber readiness. Each year, we put our money where our mouth is and participate in critical exercises and related activities – two of which are going on this week. We’re excited to be participating in two events – one in the UK and one in the U.S. – where we help arm professionals on the American and European coasts:
Pacific Endeavour and Combined Endeavor, which exercise the world’s militaries for communications’ readiness, also include a cybersecurity component to understand where we’re vulnerable – across the world’s defenses - and address the issues. While Combined Endeavor will return in 2016, we are quickly getting ready for the 2015 Pacific Endeavor.
We can’t stop here. As security professionals, we know the world of cyber and the threat landscape changes literally by the minute. One exercise is insufficient – we must maintain our cyber readiness skills in meaningful ways, from ongoing education plans to testing. If you’re a CIO or CISO, what are you doing to ensure that all of your teams who have an impact on the security of your network and data have the skills that they need? And are you ensuring those skills are in place across host, data center and cloud, SCADA infrastructure and the entire network that potentially touches the public domain? How do your professionals maintain that skillset on an ongoing basis? Don’t forget the people component to your programs. (Our CSO, Rick Howard, recommends some good reading on how to keep your teams trained and ready; see one of his recent nominations to the Cybersecurity Canon.)
Don’t forget, we also arm our existing customers with the very latest cutting-edge technology they can use today – as well as Ultimate Test Drive (UTD) sessions and labs for hands-on activities, at our annual user conference, Ignite 2015, coming up in just a few short weeks. This year, we’re adding luncheon roundtables where some of the brightest minds come together to discuss their challenges with the experts who have helped numerous other customers overcome the same.
Take a minute this week to think about your own team of cybersecurity professionals – and those within your organization who don’t touch security day-to-day but need to be armed with critical baseline knowledge to keep all of your network assets protected. Make it a priority to consider career development plans and training that help them to help you and your agency or company. We are all better off for it.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.