Organizations today are often faced with the realities of living with a “reactive security” program that can sometimes appear to be waiting for the threat to materialize before defensive measures are taken. This has driven public and private sector cyber-leaders to unite behind a broad-reaching initiative called the Cyber Defenders Council. This independent group of leaders is focused on developing leading practices and guidelines organizations can employ to incorporate a Defend Forward strategy that focuses on defending with an offensive mindset. This approach allows organizations to proactively disrupt or stop malicious activities before the targeted points are impacted.
With this, I sat down with David B. Cross, Senior VP and CISO of Oracle SaaS Cloud, to better understand his and Oracle’s role within the Cyber Defenders Council and how this grouping of cyber leaders is working to impact public and private sector entities.
GREG) In a time with ever-increasing security and privacy regulations around the globe, what purpose does the Cyber Defenders Council play with public and private sector entities?
DAVID) First and foremost, the Cyber Defenders Council is an inclusive group of global private and public sector cybersecurity leaders that have united to defend and collaborate against common cyber enemies. We have all universally agreed that well financed and politically motivated adversaries are difficult to defend individually or without a coalition across all industries and governments. Together, we are able to use our aggregated insights, wisdom, and collective aligned defenses to combat and deter attackers before they strike.
GREG) Who are the members of this council and what type of role do they represent? (i.e., public and private sector security strategy leaders? Researchers? Solution providers/ISVs? End customers in key industries?)
DAVID) The Cyber Defenders Council are primarily CISOs or equivalent roles on the private sector side and corresponding peers in global government and public sector roles. They are not comprised of solution vendors to market solutions or products, but instead are holistic cybersecurity leaders with diverse experiences and skills that complement each other. By approaching the risks and threats within the global community using an inclusive approach, it provides a much stronger defense that ultimately improves the quality and strength of the common defense.
GREG) Is this an enforcement arm via regulation or do you see this more of promoting a leading-practice across various disciplines or principles in IT security?
DAVID) We see the Cyber Defenders Council as a global cybersecurity community that is united in common goals and defenses without being limited by vendors, solutions, or geographies. Many businesses and organizations do not have the direct information, resources, or knowledge to independently defend against the increasing cyber criminals and nation state attackers. With an aligned voice, network, and connections, the council is able to impact change, strategies and defenses that would not be possible as individual entities.
GREG) Does the council see a natural convergence between corporate governance and cybersecurity accountability, or are these still way too different to accept a convergence?
DAVID) The Council unanimously agrees that common threats and risks require collaborative sharing of information, indicators of compromise, and threat intelligence across all entities, which is necessary for a unified defense. Although the roles across businesses, organizations, institutions, and industries are very different in their offerings and experiences, this is the strength and value of the diverse coalition. They bring an aggregate strength of experiences, insights and information that is not readily available across all the different organizational and business verticals. It is not about individual accountability; it is about collective strength and support that makes the defense much stronger than individual entities.
GREG) What are the key observations and findings that the council identified in their most recent gathering (Q2 - 2022)?
DAVID) The most recent assembly of the Cyber Defenders Council explored a new challenge and opportunity on how new regulations might reduce cyber risk and improve resiliency. Many businesses today and associated stakeholders are viewing cybersecurity as an abstract risk without clear and consistent expectations at all levels. The discussion on how to bridge the risk and improve the resiliency of systems spawned a new consideration on how corporate governance regulations might assist. The proposed strategy is how cyber regulations might assist in reducing the gap between business and security leaders regarding the steps needed to mitigate risks and threats and have clear corporate accountabilities that are publicly measured. The released report and associated discussion highlight the common need and desire for improvement in closing the common gaps in order to have stronger resiliency and defense in all organizations.
GREG) Can you elaborate on how Oracle is using this DEFEND FORWARD model to reduce operational risk for our customers?
DAVID) Oracle is a founding member of the IT-ISAC Critical SaaS SIG, whose purpose is to provide a safe forum and vehicle for critical SaaS companies to build and improve a collective defense strategy. Oracle and the other members are working to collaborate with other members proactively and reactively on threat actors, industry activities, threat intelligence and best practices for response for security events. The Critical SaaS SIG is a perfect example of how the industry and community can defend forward and break down organizational lines to have the strongest position for current and future issues.
The work of the Cyber Defenders Council is not only an in-depth effort, but a highly expansive program that is ongoing. To better understand the work of this team and how your organization can benefit from these leading practices, we encourage you to download the new report published by our partner, Cybereason. This in-depth report covers the 6 key focus areas that these industry leaders are focused on to help promote a Defend Forward strategy.
Greg Jensen is a Strategic Advisor for the Strategic Solutions Group with over 25 years of experience in IT/Technology & Security (last 23 years on Security) in product marketing, product management and business development for cloud security services (IaaS/PaaS/SaaS) and solutions.