How much Secure is Safe?

Regardless of how safe and secure any organisation may think its IT infrastructure is, they realize that they are still not immune to information security threats. In addition to deploying the right tools and technology, organisations globally needs to develop a robust and competent workforce equipped with the necessary skills to adequately defend its IT infrastructures. These cyber defenders need not just basic trained to sufficiently defend against mounting security threats, more than ever; they now require advanced security training. Information security professionals are required to stay up-to-date on the latest security technologies, threats and remediation strategies. Align security with their strategic business objectives some tough decision-making.

(Read more:  How to choose your Security / Penetration Testing Vendor?)

It’s impossible to separate the concept of ‘security transformation’ from the pragmatic day-to-day discipline necessary to achieve it. In order to transform our security infrastructure, we must ensure that each security project clearly maps back to the organisation’s strategic business objectives. We have to be ruthless when it comes to making tough decisions about the kind of information security investments we are willing to authorise and support. Ensuring that our security investments support our business strategy is a critical litmus test for any CISO. Every discrete security project must align with corporate strategy in order to make the cut. Otherwise, it is not going to drive our business forward.

With the mission of security expanding, the chief information security officer (CISO) faces a new test of leadership, one that requires essential disciplines in planning and communications. As CISO, we are responsible for managing the crucial links between information security and operational performance, brand protection and shareholder value. It is a job that continues to change, and we are the executive most keenly aware of the extent to which security—including how our organization and others elect to align, harvest and sustain its value—is undergoing a transformation.

(Read moreProactive Security Management - The next BIG focus)

 
Security is a crucial partner in helping manage organizations. As the scope and complexity of technology’s contribution increases, so does the role of security. But a change to security’s typically fragmented infrastructure is needed, one that promises to yield strategic cost savings for companies that address security from a comprehensive perspective.

Security is now critical for maintaining a competitive posture. Once seen only as the first step in asset protection, today’s security plays a critical role in enabling the exchange of sensitive information with other organizations.

Security is essential for compliance. When addressed as a whole, security can reduce the cost and increase the effectiveness of compliance

These and other trends reinforce the importance of having ready access to a comprehensive set of managerial tools and disciplines in security management, along with a customisable means of communicating, to executive colleagues and other constituents, the value, status and impact of security.

I believe that in order to position ourselves and our organisation for success, we must be able to think, execute and deliver results along strategic dimensions. This means the ability to assess, analyse, strategize, align with the business, and communicate the value of security.

CISO plays beyond 127.0.0.1….!!

More:  Join the community of 1400+ Chief Information Security Officers.  Click here

 

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform