Part 2 of Interview with Enoch Long
As cyber threats become more sophisticated, the need for visibility across your organization’s cyber asset environment and proactive strategies has become increasingly critical. According to Enoch Long, Field CISO at JupiterOne, true visibility goes beyond asset tracking and instead should encompass people, processes, and technology to create a unified defense. In Part 2, Enoch dives into actionable advice for security leaders, including the importance of asset management, strategies for adapting to evolving threats, and critical trends that will shape cybersecurity in 2025. If resilience is the goal, visibility is the foundation—and Enoch offers insights to help organizations build both.
What advice would you give to security leaders and practitioners as they work to protect their organizations from evolving threat actors?
In today’s environment, your security strategy must start with a clear understanding of your attack surface—knowing your assets, and where they reside. In the past, security teams focused on log management and monitoring network access without integrating asset management into their approach. With the rise of hybrid environments, cloud infrastructure, and distributed networks, you need to understand every asset—where it resides, how it’s connected, and what vulnerabilities it presents. An asset isn’t just an item on a checklist; it’s a potential entry point that needs to be secured and monitored.
As organizations adopt more federated IT models and hybrid cloud setups, many business units operate with their own quasi-IT teams, deploying systems and SaaS applications autonomously. Security teams must ensure that even with this decentralization, asset management and security standards are consistent across the organization. Establish clear protocols for asset discovery, vulnerability tracking, and continuous monitoring to maintain a unified security posture, regardless of where the assets are located or who manages them.
My top recommendation is to focus on improving the storytelling around incidents and near-misses. Often, the things we "just got lucky on" can be powerful learning moments and a compelling way to communicate the importance of proactive security measures to leadership. Dig into situations where luck played a role. For example, maybe an employee didn’t click on a malicious link, or maybe a threat was caught by chance rather than through a well-designed control. These close calls highlight vulnerabilities that need addressing, and they provide stories that illustrate the risks clearly to executives and other stakeholders.
Many near-misses can be traced back to incomplete asset management, outdated configurations, or a lack of visibility into the environment. By connecting these incidents to gaps in asset management or inventory, you provide a practical context that shows where better resources, tools, or processes could make a difference. Convey that relying on luck isn’t sustainable while demonstrating an urgent need for proactive improvements.
Looking at trends, how important is visibility in cybersecurity in the evolving cybersecurity threat environment?
Visibility means more than just knowing where your devices are; it’s about having a comprehensive understanding of your people, processes, and technologies. True visibility isn't simply tracking assets—it's about knowing who’s managing them, how they’re being used, and how they fit into the bigger picture of your operations.
Starting with a clear view of the people supporting your infrastructure. It’s not just about knowing roles but understanding who manages specific devices, applications, servers, and connections. Security is most effective when it considers the operating model—knowing who’s responsible for what and ensuring they have the context needed to make informed decisions.
Beyond asset tracking, true visibility extends into how systems are deployed and managed throughout their lifecycle. From deployment in production environments to manufacturing and operational sites, visibility requires insight into every step, from inception to production. Knowing the lifecycle of each asset and the processes that support them gives you a deeper understanding of potential risks and areas to monitor.
While it’s common for organizations to use 30-40+ security tools, visibility requires going beyond simply having these technologies. It's about configuring each tool effectively, ensuring they’re logging appropriately, and collecting the right data for meaningful analysis. When your technology stack is not only comprehensive but also configured with purpose, it transforms raw data into actionable insights.
In the evolving threat environment, true visibility is the fusion of people, processes, and technology into one cohesive approach. It’s this level of visibility that equips security teams to respond swiftly and proactively, maintaining a strong defense against an increasingly complex threat landscape.
What cyber trends are you seeing for 2025?
When it comes to key security trends, this varies based on an organization’s level of maturity. More mature security programs tend to look beyond the immediate buzzwords and dig into threats and trends that may be overlooked. Here are four critical trends I see security leaders at more mature organization are tracking closely:
● A few years back, supply chain attacks were all over the news, and while this has quieted down, mature security leaders haven’t forgotten. They know the risk is still very real and likely to resurface. Organizations still rely on interconnected software, so keeping an eye on supply chain vulnerabilities is crucial to staying a step ahead.
● AI is the hot topic, but not all of the excitement translates into practical use cases. A lot of experienced teams are taking a step back to sort out what’s real and useful versus what’s marketing fluff. They’re asking tough questions about measurable impacts, focusing on AI applications that add value today instead of getting caught up in futuristic possibilities that the organization may not even be ready to handle.
● With data moving in and out of systems, countries, and even cloud environments, data protection is more critical than ever. Security leaders are now treating data like an asset, asking not only where sensitive information is stored but also how it moves within and outside the organization. It’s about having a complete data inventory, knowing classification levels, and ensuring protection policies are in place wherever that data goes.
● Vulnerability management has stepped up a notch with Continuous Threat Exposure Management (CTEM). Rather than tackling vulnerabilities as isolated issues, CTEM helps teams get visibility across both internal and external attack surfaces, allowing them to prioritize based on real exposure. It’s a shift toward proactive threat management, merging traditional vulnerability insights with a broader attack surface view to help teams handle risks more strategically.
Cybersecurity is no longer just about reacting to incidents—it’s about staying ahead of them. As Enoch has indicated, building resilience starts with a clear understanding of your environment, from assets and vulnerabilities to the people and processes behind them. By prioritizing visibility and adopting proactive strategies, organizations can transform their security posture from reactive to strategic.
If you’re ready to take the next step in proactive cybersecurity, JupiterOne offers the tools and insights you need to uncover risks, prioritize actions, and secure your most critical assets. Learn more about how JupiterOne can help you build a resilient, future-ready cybersecurity program.
- By Chuck Brooks (President, Brooks Consulting International)
Original link of post is here
Comments