Threat Ready — Ensuring Business Resiliency

Cybersecurity incidents are not a question of 'if' they will happen, but ‘when’ they will happen – even for organizations with mature security programs. Security teams must go beyond initial threat detection and response to ensure business resilience in today's interconnected digital landscape.

CISOs in our Dallas Community gathered recently for a Town Hall discussion exploring their role in business resiliency and how to enable partners and stakeholders to move forward through turbulent times. Cristian Rodriguez, Field CTO - Americas at CrowdStrike moderated the discussion, and Governing Body Members Steven Dodson, CISO at Permian Resources; Chris Jacquet, SVP, CISO at Unisys; and Joe Paul, Director of Cybersecurity Compliance, Deputy CISO at Choreograph, led the discussion groups.

This year, cyber resilience has emerged as the top focus area for CISOs across our communities worldwide, according to our annual Leadership Perspective Survey. This discussion focused on the current threat landscape, how AI is both an opportunity and a security challenge, and how to prepare the organization to resume operations after an attack.
 

Key Takeaways from the Discussion

1. In the current landscape, CISOs are particularly concerned about AI, social engineering and cloud risks. CISOs kicked off the discussion by talking about the evolving threat landscape. GenAI is lowering the barrier to entry for adversaries, making sophisticated attacks, like deepfakes and social engineering, more accessible. One CISO said, “We have a big concern with threat actors using AI.”
   
   Social engineering is another top concern, now amplified by AI tools that can spoof voices, generate convincing phishing emails, and manipulate communications. Some security leaders had seen cases of voice spoofing and “vishing.” CISOs discussed how their teams can be trained to verify what is real and what tech tools can help process calls and emails.
   
   In addition, cloud services are increasingly being targeted, and “Shadow AI,” or the unapproved or unauthorized use of AI, is emerging as a new insider threat. One security leader noted that they have a “concern about how shadow AI could impact our business.” Another CISO shared that as employees increasingly want to use AI, including public models, “it’s like playing whack-a-mole to try and shut things down.”
2. CISOs are trying to raise awareness and implement guardrails around data security and privacy. Data security and privacy are critical challenges—especially with employees not fully understanding the risks of uploading sensitive information into GenAI tools. Security leaders think guardrails and training are needed to prevent oversharing. One CISO gave an example of metrics that an employee put into a GenAI tool, and then the data was referenced by the tool in other outputs later.
   
   Another security leader noted that data security “should be treated like phishing and social engineering and have training around it.” They believe, as one said, that safeguarding data “as always, is about people, process and technology.”
3. CISOs are working to improve their organizations’ readiness and cyber resiliency. CISOs shared that tabletop exercises are common, but some believe that their stakeholders do not take them seriously. One executive said, “There is no urgency around the results of the tabletops.”
   
   Security leaders are implementing mitigation strategies and creating playbooks, including clear communication plans and realistic exercises. They advocate for “making the tabletops as real as possible” and “getting the right stakeholders involved,” and even determining “who pulls the plug, if necessary.”
   
   They agree that continuous improvement is needed to keep pace with evolving threats. Some CISOs see a gap between their security teams’ level of urgency and the rest of the organization, slowing down decision-making and preparedness.

The discussion highlighted the accelerating threat landscape due to AI, the persistent and evolving risk of social engineering, and the need for stronger data security and privacy practices. CISOs agreed on the importance of realistic, organization-wide engagement in resiliency and response efforts. Some felt that they have good awareness in place, while others believe there is more work to be done. As one CISO said, “There is always something that is going to fall through.”

CISOs can continue the conversation on cyber resiliency with peers at an upcoming community gathering. Current members can sign in to the app to find and register for events. If you are new to Gartner C-level Communities, apply to join your local CISO community to connect with peers on your top priorities.
 

Special thanks to CrowdStrike.

By CISOs, For CISOs™

Join the conversation with peers in your local CISO community.