El Diario del CISO (The CISO Journal) Edition 21 | Page 4
Influencers
Aaron Pritz
President AP&A (Cyber Security, Privacy, and Risk Management
Boutique Consulting)
CISO of Tomorrow
The explosion in media coverage surrounding cybersecurity and
privacy over the last few years has brought awareness of these risks
and incidents to an all-time high at board and executive levels. Still,
many question whether the commitments made in this moment of
heightened awareness are “real enough” or persistent. Many
companies still lump the information security organization into IT
(which often has high expectations to cut costs and optimize
headcount)
The complete article is here
Kristin Burnham
Seasoned writer, reporter, and content strategist
4 essential CISO skills
Facing rampant cybercrime and increasingly complex technology
environments, companies are doubling down on security. In many
cases, that means elevating the role of the chief information
security officer and giving CISOs responsibility for risk management,
which has typically been the domain of the CFO.
The complete article is here
T. Grey, CCISO
Technical Leader | Cyber Risk Management | Program Builder
| Regulatory Compliance | App Sec | Malware Whisperer | US Expat.
Closing The Gap On IT Security’s Business Engagement
Problem – Part 1 – The Issue Defined
While speaking at conferences or working with cyber teams, people
sometimes look at me like I have three heads when I suggest that IT
Security teams own very few business processes. This is an
important concept to grasp in order to successfully mitigate cyber
risk. IT security practitioners certainly own some very specific
processes and some seem to have been delegated to IT security in a
de facto way but the reality is that most business processes that
need to be secured or matured are owned elsewhere.
The complete article is here
Helen Patton
An Information Security/Risk Professional, interested in how we
operate Cyber while the world swirls around us. What makes an
effective Security Pro?
What Do CISOs Want, Anyway?
I spend a fair amount of time with other Chief Information Security
Officers (CISOs), discussing Information and Cyber Security, and
telling war stories about life in the trenches. As with all professions,
there is an external face (what we tell our Boards and Leaders and
Customers) and an internal face (what we tell each other). Mostly,
these are the same things, just told with different language and
perhaps with a different emphasis. Sometimes, they are not the
same thing, because we recognize that our non-Security friends
aren’t ready to hear what we have to say, or don’t want to hear it,
so we don’t waste our breath. I thought I would brain dump a
generic list of these things, for your consideration.
The complete article is here