Five Proactive Steps CISOs Can Take During Times of Instability

As the world becomes increasingly technology-dependent and data-oriented, cyber risks are only going to rise. There are several disruptive forces at play: an increasingly complex, remote and perimeter-less workplace environment, rapid digital transformation, an evolving regulatory landscape, supply chain bottlenecks, cross-border conflicts, distracted employees, cyberattacks and so much more. A single disruption or destabilization can result in unforeseen consequences.

The chief information security officer (CISO) has never been more critical as a subject matter expert, advisor and guide, someone who keeps the organisation resilient in turbulent times. So when security incidents occur (and no doubt they will), what should the CISO do to demonstrate real value to the business? The steps outlined below will help CISOs shift from being reactive to proactive and improve the resilience of their organisation to respond to threats.

1. Continuously monitor and report on the developing situation
2. Speak to the audience in their own language
3. Focus on the resilience of high-risk assets
4. Ready the business for incident response
5. Be a present leader.

Every Crisis Spells Opportunity

The majority of CISOs believe that every crisis provides an opportunity for businesses to raise their cybersecurity profile. CISOs must therefore learn and adapt at every such opportunity and establish monitoring systems and KPIs to measure security performance. Finally, CISOs must be able to position security incidents not simply as cybersecurity issues but as corporate crises. A crisis can be a defining moment for shaping the resilience and identity of an organization. In times of instability, we don’t just need managers to manage the problem; we need leaders who lead people through it.

Read the full article here