[BreachExchange] How To Succeed As A CISO

Destry Winant destry at riskbasedsecurity.com
Mon Jul 20 10:21:15 EDT 2020


https://www.forbes.com/sites/forbestechcouncil/2020/07/09/how-to-succeed-as-a-ciso/#2525d94630a1

The role of a chief information security officer (CISO) has gained
prominence in the past few years. In most organizations, the CISO
reports to a CTO or CIO. The CISO's job has become cross-functional,
dealing with different departments within the organization. The role
of a CISO has expanded in some organizations, and many CISOs are
beginning to report directly to the CEO. In some instances, the CISO
provides quarterly updates to the board about the security robustness
of the organization.

How To Be Successful

As security now transcends different levels within the organization,
it makes sense to build relationships within the organization. Coffee
time, lunch breaks or virtual video one-on-ones should be leveraged to
forge understanding between different groups within the organization.
The new pandemic has probably changed the methods of interaction, but
the end result still remains the same.

CISOs need to be viewed as enablers by other leaders in the
organization. Security should be seen in the realm of client
experience. Large organizations have project managers that run
multiple digital transformation initiatives. CISOs should interject
and build a working relationship with technical project managers in
the organization. Project managers should be trained to ask security
questions at different gateways in the project process.

CISOs should have not only good personal relationships with members of
the IT department but also build relationships with heads of sales,
marketing, operations, legal, billing and every other department. The
true message of security being an enabler needs to be communicated
with each of the leaders. This education or training now has become
even more important, so a good working relationship between the CISO
and each of the leaders becomes pivotal for the security health of the
organization.

Operational Challenges For CISOs

Security team composition becomes a challenge as IT and security
resources are strained. The trend in the past was to look deeper into
logs, alerts and events that systems generated to track security
behaviors. This has resulted in the market being flooded with systems
that help to pool logs, events and alerts. The end result is that the
teams are now oversensitized.

Innovation in the past few years has led to the development of
orchestration systems. These allow a security team to review and
monitor all the assets via a central orchestrated system for better
control. Adding automation and response has helped provide relief to
security engineers.

However, the complexity of merging multiple vendor systems into such
solutions has been a challenge. Managing such an orchestration system
involves building a security operations center (SOC). Running a SOC
team has personnel challenges, as security technicians can be hard to
find. It becomes imperative that leaders work on building a bench
strength of security engineers. CISOs should look at putting together
a growth plan for SOC teams via training and certification programs.
Security continues to evolve, and knowledge needs to be harvested.

Another approach to solving these challenges would be to outsource SOC
functions to other managed security service provider organizations.
SOC as a service is becoming more palatable, as there are several
options available in the market for CISOs to help their organizations
stay abreast of security alerts and response. This can free up
resources to run blue and red team exercises. These exercises allow
teams to run simulated attack and defense routines to keep
preparedness at a heightened level within the organization.

Business Objectives And Risk

Security compliance is now becoming a customer requirement in every
industry. As the complexity of threats has increased, organizations
have moved toward strengthening risk protection language in the
agreements and contracts of their product and service offerings. CISOs
are tasked with ensuring all technology partners' agreements and
contracts are reviewed to ensure that partners stay compliant with the
organization's security policies.

There is an increasing trend of CISOs working with their legal
counterparts to ensure the language in agreements and contracts
adheres to the best interests of the organization. As digital
transformation initiatives take center stage, security challenges have
multiplied. Most digital transformation initiatives are geared toward
building better customer experiences. Security officers should start
looking at joining those initiatives to transform security into client
experience objectives.

Overall, the challenges of security will increase, and complexity will
continue to multiply year over year. The CISO's role in corporate
business will continue to strengthen as the world becomes even more
connected.