3 key issues facing modern CISOs

By on

The role of the chief information security officer (CISO) has evolved since its inception in the 1990s. In this day and age, CISOs are facing more pressure from internal and external stakeholders to ensure the business deals with bad actors appropriately.

There are three issues facing CISO today according to Pete Murray, managing director ANZ at Veritas Technologies.  

The first issue according to Murray has been the impact of COVID and the emergence of hybrid working.

Employees working from home creates a whole new threat vector for an organisation, Murray said.

“They don't know how secure my Wi-Fi is, and people are now far more mobile in their working habits this creates new and emerging threats,” he explained.  

The second is cyber and in particular the threat of ransomware, “The ongoing nation state and pervasive element of the cyber threat to all organisations, it's now an industry in its own right. You can now purchase ‘cyber-attack as a service’ and conduct a cyber-attack,” he said.

“It's a massive industry. Bitcoin has facilitated the payments of those ransoms. Ransomware will be another threat.”

The final issue is human error, Murray explained.

“[There is a] need to keep people trained and aware, to go through proper rehearsals and proper training. Not just a video that people follow and answer a few random questions at the end. That's not cyber awareness at all, you've got to treat it with a lot more seriousness than that,” he said.

According to Murray cybersecurity needs to be treated holistically.

“A CISO has typically looked at the front door or perimeter of an organisation and the recovery side of the business has been left to the infrastructure people,” he said.

“Backup and recovery has often been seen as a tax or an insurance policy at best when it comes to the holistic protection of an organisation but the ability to recover is equally as important as the ability to defend.”

© Digital Nation
Tags:

Most Read Articles