Intelligent CISO Issue 10 - Page 53

COVER STORY regulations have also raised customer awareness around privacy – helping people to understand how their data is being used but also encouraging them and the businesses they use to take care of how they handle the data they have. Best practice advice for CISOs when assessing which solutions are best for their organisation/business It is important to get the basics right first and this isn’t easy to achieve. The majority of breaches start off with something simple such as clicking onto an email with recent research showing that the majority of breaches start with a phishing email or compromise of known vulnerabilities. It is critical to have the right solutions in place to protect the business and to continually monitor these tools across the board to ensure they are working as expected. I also encourage my team to work with peers from similar environments. I often network with other CISOs as this is a Managing and understanding the huge breadth of data held by the business’ systems is essential to ensure cybersecurity It is essential to evaluate how different solutions solve real world problems. CISOs should always approach procurement from the point of view of what that solution will bring to their business specifically. This includes how it fits with the rest of their security architecture and processes, considering the impacts of implementing it from management overhead, useability to process changes that may be required. Understanding the challenges your business faces enables you to safeguard your business against them in the best way possible. Looking ahead: threat evolution over the next few years By 2022, it is predicted that the total number of connected ‘Internet of Things’ sensors and devices are set to exceed 50 billion – this is an increase of 140%. While this will no doubt increase convenience and make life easier in many ways, this increased connectivity also multiplies the external touch points and risks faced by businesses. It will be more important than ever to ensure that as more physical products such as pacemakers and connected cars move online, these devices and sensors remain secure and maintainable to close off the path for potential threats. The importance of collaboration in cybersecurity We need to continue collaborating; move beyond just sharing intel to really working together to improve security for all – many of us are solving the same issues so let’s do it together. Programmes like this are invaluable in addressing skills shortages as they bridge the gap – educating students about the industry from a young age. The global impact of GDPR great way to share ideas and learn from each other. We’re often trying to solve the same problems – so it is always useful to find out what other people in similar environments are doing and what solutions have worked well for them. GDPR has improved the focus on what data people collect and how that data is handled. Since implementation, the The whole idea is to get better together through collaborating and sharing as much as possible. | Issue 10 Our teams are critical, we need to continue building high performing teams and work really hard to give your people great career progression. It is also key to understand your business. This is fundamental to protecting it from any challenges or threats and helping the business to stay secure overall. u 53