Cyber security has transformed from what most viewed as an IT issue to a central business concern, and the CIO and CISO roles are shifting in response. If we’re to keep up the pace and adopt emerging technologies, security needs to be a priority and CIOs and CISOs need to work together to mitigate risk in organizations across industries and throughout government.
What we are seeing across the region is that it is not one specific country being "hacked" more than another - but what we are seeing that the cyber criminals are looking for general weaknesses in our environment.
I see that more and more companies across so many sectors are embracing (although perhaps not loving) the CISO role as a critical decision-maker and influencer.
Everyday can be a D-Day for me and I love to celebrate success, no matter how small it is!
First thing I do every day is check email and LinkedIn; normally on the train. I like to get this touch base out of the way before I get into the office so I can map out a plan for my day.
Many of the big name organisations have recently boosted their security divisions by securing top ranking IT security heads.
It's hard to describe an average day at IAG. So far no two days have been alike. My days are a combination of setting strategy, making various choices, engaging with my team and colleagues and making things happen.
An average day includes a variety of meetings, project reviews, steering committees, strategy sessions, presentations and briefings.
I try not to settle into predictable routines, but there are a number of tactical priorities I like to address at the start of the day. Things like reviewing threat intelligence, checking over the managed security service dashboard, and checking in with the security team for status updates.
Each day is potentially very different and I expect the work I do day-to-day to change over time. Right now I’m spending time helping the IT team to design security into the foundation of some work we have underway.
A lot has changed since the early years, when enterprises first began embracing the CISO position. Back then, the CISO role was primarily a technical one: control user access, secure the databases, find and patch vulnerabilities, keep the malware out, and eventually to help build secure websites and eCommerce platforms. In those days, most of the highly proprietary data resided within the local area network, the data center, or within PCs and notebooks.
When it comes to information security, there are a lot of "misperceptions" and "exaggerations" about both the threats facing businesses and the technologies that might be used to protect their important data assets, according to Gartner analyst, Jay Heiser.