What CISOs can do to be most effective in their roles

2022-03-24 13:03

Ben Smith, Field Chief Technology Officer at NetWitness spoke to the obstacles faced by those in the CISO role today along with what can be done to improve organizations safety and while remaining compliant with the new reporting regulations put into law.

"A lot of the CISO's day job revolves around technology, whether it's defensive technology or in some cases, offensive technology. One of the big challenges I think a lot of CSOs have today is where should that role be set in the organizations."

"Fast forward 12 years and that's not really a problem these days. In fact, if you're a CISO and you don't have board access, that should be a big red flag not just for you and your organization, but potentially for your career. In 2022, CSO should have access to the board. The board should be asking the CEO about the CISO and what his or her role is."

"The disconnect is that even though the CISO as classically defined tends to be a tech focused individual in the organization, the CISO is an executive at the end of the day," he says.

The strategy for CISOs to best protect the organization from external threats while remaining compliant with the ransomware reporting requirements recently put into law should be at the top of these workers' priority lists.

"Some organizations have started that conversation very productively because cyber insurers care about that as well. A good CISO in my book is somebody who has already had a conversation with the company that is providing the cyber insurance policy. That's a very important line of contact and connectivity that you want to already have in place so that when the ransomware hits, you know exactly who to talk to to get their recommended next steps."

News URL

https://www.techrepublic.com/article/what-cisos-can-do-to-be-most-effective-in-their-roles/

#ciso