Areas to Focus on in Your Information Security Strategy

From connected devices to insider threats, the modern day cybersecurity professional has their hands full when it comes to ensuring their organization measurably reduces risk.

There are systems to inventory, software to patch, and employees to train on the risks of operating within the organization’s network, all while ensuring progress is being tracked and reported to run the business of security effectively ultimately. But when it comes down to brass tax, security professionals need to stay on top of their game when it comes to the evolving threat landscape.

New forms of security tools always seem t crop up, but for the most part, malicious actors haven’t changed their attack tactics too much, according to Karl Sigler, Threat Intel Manager at Trustwave SpiderLabs.

“They’re really not that different than they’ve always been,” he told InfoSec Insider during a recent video interview shot at the RSA Conference in San Francisco. “The protections and policies that organizations have been putting in place have been effective in securing them.”

That’s not to say that security practitioners reading this need not worry, one area they should pay close attention to are IoT devices, which Sigler believes will be the cause of many breaches soon.

In the full video interview below, Sigler discusses the state of cyber threats in 2018 and suggests what areas of your security strategy you should focus on to take proactive steps in measurably reducing risk within the business.

Click here to view the video.