
Brandon Romisher, VP EMEA, AppOmni (Moderator)
Christopher Herzog, CISO, FORVIA (Panelist)
Christian Kaltenhofer, Head of IT-Governance and Steering / ISO Lufthansa Airline, Lufthansa (Panelist)
Paul Sester, CISO, HORNBACH Baumarkt AG (Panelist)
MAY 2025
This was a sponsored session.
As SaaS adoption skyrockets, so do breaches and data exposures. Safeguarding SaaS environments demands a proactive, integrated approach to threat detection and posture management. For CISOs, this not only means shifting their focus to new strategies for detection and alerts, but also identifying more effective ways to ensure business stakeholders are educated on changing risks.
CISOs in our DACH Community gathered recently for a Town Hall discussion on protecting the SaaS landscape. Brandon Romisher, Vice President EMEA at AppOmni, moderated the discussion. Governing Body Members Christopher Herzog, CISO at FORVIA, Christian Kaltenhofer, Head of IT-Governance and Steering / ISO Lufthansa Airline at Lufthansa, and Paul Sester, CISO at HORNBACH Baumarkt AG, served as panelists.
Executives on the panel discussed how to combine posture management with threat detection to better prioritise alerts and mitigate data exposure, how to balance the need for innovation, resilience and supporting the business with awareness of the risks of data leakage, and how to ensure the strategy for communicating risks evolves to keep pace with the fast-moving threat landscape.
Here are five highlights from their discussion:
- SaaS vs. Cloud Prioritization: Brandon Romisher from AppOmni kicked off the discussion by asking executives about how they balance SaaS and cloud priorities. Paul Sester of HORNBACH emphasized a strategic approach, using cloud solutions where they make sense, noting they are “not forcing cloud migration, but looking at cloud and SaaS. Nevertheless, we are also a ‘do it yourself’ retailer, so we want to do things ourselves – it's in the DNA.” Christian Kaltenhofer from Lufthansa highlighted the risks associated with SaaS, especially given their role as critical infrastructure under German law. He shared, “If you use SaaS in infrastructure, you are the accountable person and need to be thoughtful about risk.”
- Risk Management and Governance: Christopher Herzog of FORVIA shared a structured governance approach to cloud usage, ensuring strict processes for assessing cloud services in conjunction with data classification. He emphasized the importance of identifying unauthorized cloud access and maintaining strong governance to manage risks effectively. He explained, “Starting from the beginning, you need strong governance to help people understand they are giving data away to external suppliers with little control.”
- Procurement and Security Integration: The discussion highlighted the necessity of integrating security teams into the procurement cycle. Christopher Herzog of FORVIA and Christian Kaltenhofer of Lufthansa stressed the importance of aligning with procurement departments to ensure security measures are considered during vendor selection and contract negotiation.
- Internal Relationship Building: The security leaders discussed the internal challenges of involving app owners in security processes. They emphasized building relationships and using risk assessments to demonstrate the business impact of potential security issues, fostering cooperation and accountability. Paul Sester of HORNBACH indicated they have a system in place in which “there is always an accountable person, that person is in the Operations department and directly reporting to a board member. This makes it easier to get information to the owner.”
- Detection and Response vs. Proactive Measures: The CISOs expressed a preference for detection and response as a priority over proactive posture hardening. They acknowledged the inevitability of security incidents and the importance of being prepared to react effectively, while also recognizing the need for a balanced approach to security management. Christopher Herzog of FORVIA noted, “You can never ensure 100% security. If we would only apply protective measures, something will happen, and we won’t know how to react.”
The security leaders wrapped up by turning to shadow IT, with one saying, “Shadow IT comes in many different forms, whether we like it or not, and it continues to be a concern.” Christian Kaltenhofer of Lufthansa also shared, “For me, it starts with straight governance and a precise, centralised approach. You must ask if you want to use something.”
CISOs can continue the conversation on new strategies for threat detection and educating stakeholders on posture management at an upcoming gathering with their security peers. Current community members can sign in to the app to find and register for events. If you are new to Gartner C-level Communities, apply to join your regional CISO community to regularly connect with your peers on critical priorities.
Special thanks to AppOmni.