With cyberattacks on the rise, government agencies and enterprises alike are challenged to ramp up cybersecurity protections—often with limited budgets and resources.
Effectively managing risk across complex technology environments, protecting against sophisticated threats, and dealing with growing regulatory compliance demands all put pressure on security teams. Leading practitioners advise focusing on maximizing efficiency and prioritizing initiatives with the highest security ROI.
During the recent SecureWorld Government virtual conference, Michael Gregg, CISO for the State of North Dakota, delivered the opening keynote presentation focused on strategies for increasing an organization's cybersecurity footprint despite limited resources.
Gregg spoke about the challenges of enhancing cybersecurity amidst a landscape he described as "VUCA"—volatile, uncertain, complex, and ambiguous. He highlighted new realities, such as remote work, quiet quitting, and supply chain disruptions, that make the job of security teams more difficult.
"We have to figure out how to really strive and thrive in this new environment, because it is a new environment, it's much different than it was just a few years back," Gregg said.
To drive cybersecurity progress with constrained staffing and budgets, Gregg outlined several approaches:
- Start with a clear mission, vision, and strategy tied to measurable goals and objectives. According to Gregg, "Your goals and objectives are how you can actually measure that you get there."
- Use techniques like "productive paranoia," "fanatical discipline," and "empirical creativity" to foster innovation and prepare for threats before they emerge.
- Drive adoption of new tools through incentives and stakeholder engagement. For example, Gregg partnered with North Dakota's insurance provider to offer reduced rates to entities that deployed his team's security tools.
- Focus efforts on high-impact initiatives using OKRs (objectives and key results). Gregg said OKRs bring "priority and commitment," "alignment and communication," and help achieve "amazing results."
- Streamline operations through automation, AI, and process enhancements to free up staff time. Gregg said, "Anytime you can streamline, it's gonna pay benefits."
Gregg shared tangible examples of how his team put these strategies into action, such as harnessing the power of machine learning to reduce manual incident response workloads by three full-time equivalents. This allowed them to reallocate those resources to critical areas such as threat hunting and other top security priorities.
In addition, Gregg stressed the ongoing importance of developing team capabilities through engaging simulations and exercises. To highlight the effectiveness of their training efforts, he proudly mentioned that his team achieved a remarkable second place in a fiercely competitive America's Cyber Cup Challenge, surpassing more than 100 other organizations.
With these inspiring success stories in mind, Gregg urged attendees to embrace the outlined strategies and use them as a foundation for making incremental improvements in their own security programs. He emphasized that even in resource-constrained environments like state government, it is possible to advance security measures and achieve significant progress.
Gregg is always open to hearing people's feedback and questions as they attempt to duplicate his efforts. Find him on LinkedIn here.
If you would like to watch Michael Gregg's keynote presentation in its entirety, it as available on-demand until January 25, 2024. Just register here for free.