There is so much in the news about cybersecurity, data security, personal data and data sharing (the list goes on and on) that it is often distressing to try to comprehend it all.
Try being a Chief Information Security Officer (CISO), where your entire job is ensuring data security, and therefore the security of potentially thousands of employees and clients under your company's umbrella. Since the first CISO position was created in the late 1990s (held by Steve Katz at Citigroup), CISOs have protected their organizations from an ever-evolving variety of threats and adjusted to a higher profile in the C-suite.
No matter the industry or company size, what are the common themes in the job role of a CISO?
- Security Operations. The real-time analysis of threats, including watching the tools that monitor a company’s firewalls, entry points, databases and other internal environments.
- Cyber Risk and Cyber Intelligence. The key part of this is to get out ahead of new types of attacks that could be harmful, business deals that could introduce the risk of a breach, or new products that might weaken security.
- Data Loss and Fraud Prevention. Whether it's people emailing out sensitive information or insiders stealing intellectual property when they quit, the CISO is responsible for using tools that monitor the flow of information in an organization, to spot when large amounts of data are leaving the company.
- Security Architecture. The CISO is tasked with building (or rebuilding) the security backbone of their company: where, how and when firewalls are necessary.
- Identity and Access Management. CISOs and their teams maintain who has access to which tools, such as who gets which email addresses and how rapidly those credentials are taken away when somebody is fired.
- Program Management. Once a company has measured its risks, gathered intelligence and mapped where its data is going, it may find some gaps. To fill those gaps, companies create projects and programs.
- Governance. Good governance can involve setting up a framework based on factors important to the business and making sure the entire cybersecurity organization is functioning well. A lack of governance can lead to big problems, such as CEOs never getting a clear picture of significant cyber problems in their organization, or senior officials never getting properly trained on how to spot phishing attempts.
So, with all of that in mind, how are leading, modern CISOs looking to mitigate operational, reputational and financial risks?
Let’s take a look at the five strategies ServiceNow has identified in their eBook Five Strategies of Leading CISOs.
1. They Automate.
In a study done by ServiceNow, 28% of CISOs say that manual processes are a barrier to effective security. By automating security tasks (both routine and strategic), CISOs can actually deploy their limited resources to make better decisions, respond quicker to threats, and anticipate future dangers.
2. They Prioritize.
Without prioritization, even the best organizations can be paralyzed by incoming threats and breaches. CISOs can avoid this by orchestrating processes and automating responses and remediation tasks, ultimately improving their ability to respond to threats in a timely manner.
Imagine one all-too-familiar scenario: someone at your company uncovers a threat, and the security team scrambles to address it. Your CISO hears about it and wants to know whether a meaningful organizational risk is involved. The team races to assess systems and determine who needs to approve any emergency patching. Many processes are manual, so analysts struggle to quickly gather the information required to give the CISO an accurate assessment of the impact. Critical systems may remain vulnerable, putting the business at risk of a serious data breach.
3. They Partner with IT.
93% of CISOs say information from IT is an important source of truth for security functions. Analysts (human or machine) need to know exactly which systems are affected by a security threat. This requires connected workflows, shared platform access, and task tracking.
4. They Have a Strong Focus on Talent.
With increased automation and prioritization, CISOs are increasingly looking to enable their employees to perform higher-value tasks.
But beyond higher-level tasks, CISOs are also looking to (or should be looking to) expand their teams beyond just data scientists, engineers, and computer science specialists.
“People coming from computer science or engineering are good, but we need someone with philosophy or psychology skills, too. We need to know why people would click on a link, or how people are thinking in order to change how we are operating.” (Daniel Conroy, Former CISO, Synchrony Financial)
5. They Have a Business Strategy, and Security Is at Its Core.
Security is multi-disciplinary, and as such it should be one of the foundation blocks of any business strategy. Everyone needs to agree that security is one of an organization's core strategic initiatives. To get executive buy-in, create advanced real-time dashboards and reports to share across the organization; these help refine response processes, identify tasks, and build confidence in the security posture.
Dive into each of these strategies by downloading the complete ServiceNow eBook.