Validation of the cybersecurity posture: discussion by the fireside with Arkadiy Goykhberg, CISO of DMGT

Working in cybersecurity is an exciting but humbling experience. It is a discipline where you can never have enough details, good practices and lessons learned from examining the mistakes made by others. Learning from peers has always been essential. Recently, I had the chance to host a fireside chat with Arkadiy Goykhberg, CISO at media and business services giant DMGT.

The challenge: the company’s drift due to ongoing threats

According to Arkadiy, most organizations seek to mitigate risk through a compliance or informed threat defense lens. Several attacks on other newspaper publications made him feel that the latter applied more to the DGMT. The threat to the business revolves around two things, he says: the actors of the threat and the drift of the business setup.

The change in security posture increases daily as threat actors, whether financially motivated or state actors, evolve their tactics, tools and procedures (TTPs). As the water finds its way into all available openings and cracks, so do the attackers. Business drift occurs as the unintended consequences of daily configuration changes in the business environment. Whether it’s routing configuration changes, firewall rules, group policies, proxy changes for URL whitelist or SSL inspection, email domain whitelist , certificate expiration and the death of key processes due to software flaws, these can potentially weaken the company’s cyber-resilience posture and security coverage. gaps appear and widen over time.

Integrate a software development methodology into cybersecurity

Strong supporter of the application of software development methodologies to the management of complex architectures and cybersecurity, Arkadiy believes that performing continuous and automated regression tests was the best way to ensure that the effectiveness of the controls was maintained. security over time.

Establish a baseline for an evidence-based cybersecurity discussion

The objective of the search for continuous security validation solutions was to obtain a clear basis of DMGT’s security posture, to facilitate a fact-based risk management and cybersecurity investment strategy with the management, as well as optimizing security technology and operational processes with its staff. Have a small team and limited time. Arkadiy considered several solutions and chose Cymulate.

Experience with Cymulate

Deployment: The Cymulate solution was easy to deploy and quickly showed value in the form of basic regression test results and executive reports.

Impact on companies: Arkadiy quickly understood its cybersecurity baseline, gained visibility, found gaps and configuration errors in its security controls and processes. He could clearly measure and explain TTP coverage, map it to threat scenarios previously discussed with management, and develop a plan to improve coverage and control effectiveness. After the implementation of the proposed plan, the improvement in cyber resilience could be measured, demonstrating the return on investment. Operationalizing this process maximizes risk reduction for every dollar and hour spent on improving the cybersecurity architecture, making it easier to develop justifications for additional budget, if needed.

Continuous security: Cymulate updates the solution 24/7 to incorporate new Indicators of Compromise (IoC) and new tactics, techniques and procedures (TTP). The tests developed by Cymulate are current and relevant, and provide actionable recommendations for improvement, allowing security teams to invest their time in analyzing the results, rather than spending limited time on research, development and validation of test cases.

Everyone wins: Arkadiy also noticed that Cymulate was valuable to many stakeholders in his business. Tech teams used it at a more granular level to understand why tests failed and what needed to be fixed, Arkadiy used it at a higher level to understand current trends, changes to the baseline and to explain the gaps and the resulting risks to company management.

“With Cymulate we get better, you can easily establish a baseline and measure progress over time. I am informed of my current condition, where I have gaps, where I have overlaps in defenses, where we need to make additional investments and where I am recovering the costs due to the overlaps.

The full fireside chat video can be viewed here.

For more information visit and sign up for a Free try.

Margie D. Carlisle