Why CISOs need to build cyber fault tolerance into their business
2024-06-10 04:00

CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to an outdated zero-tolerance-for-failure mindset, according to Gartner.

"Each new cybersecurity disruption exposes the fact that CISOs manage more through adrenaline than intention, which is unsustainable," said Dennis Xu, VP Analyst at Gartner.

To begin the journey toward augmented cybersecurity, Gartner's label for a cybersecurity function that has elevated response and recovery to equal status with prevention, CISOs should prioritize three areas of activity: building cyber fault tolerance in the business, streamlining to a minimum effective cyber toolset, and building a resilient cyber workforce.

Gartner recommends that CISOs work to build cyber fault tolerance into their business by focusing first on two areas of business activity where preventative cybersecurity measures are very visibly underperforming: generative AI and the use of third parties.

Cybersecurity's real impact lies not in asking more due diligence questions, but in ensuring the business has documented and tested third-party-specific business continuity plans in place.

One of the places where the zero-tolerance-for-failure mindset is most embedded is in cybersecurity's approach to technology.


News URL

https://www.helpnetsecurity.com/2024/06/10/cisos-activity-areas/