At the recent White House Cyber Security Summit, Kevin Mandia, SVP and COO of FireEye and the former CEO of Mandiant, sat on a panel about international law enforcement cooperation, along with representatives from the Federal Bureau of Investigation and the U.S. Secret Service. During the discussion, Mandia provided some specific guidance on how organizations should structure their security practices.
Mandia offered three key questions that every CISO should be able to answer:
How would you break into our organization? If a CISO can’t answer that question, Mandia said, he or she is simply not thinking properly about the organization’s security program.
If we had a breach, would we even detect it? Mandia said that understanding if the CISO has a plan for breach detection is critical to an organization being able to actually deal with a security incident when one occurs.
What’s the worst-case scenario if someone does actually break in? “You don’t necessarily need to care what the answers are,” Mandia said. “You want to make sure that there are answers.”
If a CISO can answer these three questions, Mandia said, it means the organization has a security program in place that can address the core issues of today’s hacking threats.