Intelligent CISO Issue 52 - Page 41

EXPERT OPINION

How the modern CISO can counter the growing cybersecurity threat

Since the COVID-19 pandemic , we ’ ve seen rapid development in role transformations across the C-suite , the CISO included . Ross Brewer , Vice President of EMEA and APJ for AttackIQ , explains how CISOs can benefit from data-driven insights through the use of automation , to secure their organisation against cyberthreats .
Ross Brewer , Vice President , EMEA and APJ for AttackIQ ecuring an

S organisation against an increasingly sophisticated threat landscape is a complex , yet crucial function in helping to protect the key assets of a business . The UK Government ’ s 2022 Cyber Breaches Survey found that almost 40 % of UK businesses experienced a cyberattack in the last 12 months , with almost a third of those experiencing an attack at least once a week .

An organisation ’ s Chief Information Security Officer ( CISO ) is responsible for configuring a cybersecurity programme to protect against these threats , but they are currently fighting a cyberwar on multiple fronts . UK Prime Minister , Boris Johnson , stated last year that : ‘ As cyber power is evolving on a greater note , we also need to bring changes in the way we are dealing with attacks . The way we are dealing with the situation is just like ( how ) we used air power 100 years ago ’.
The modern CISO should utilise the advancement of technology in the industry that now allows for organisations to test their cybersecurity programme at speed and scale , and through the use of automation allows businesses to move from a reactive , to a proactive , threat-informed defence .
The problem CISOs and organisations face
The cost , complexity and frequency of cyberattacks is increasing , as cybersecurity breaches are set to cost the world US $ 10.5 trillion annually by 2025 . This emphasises the need to stay one step ahead of attackers , by shifting from capability development to outcome-driven cybersecurity readiness and proactivity , when building an organisation ’ s strategy .
The effective testing and auditing of security controls is crucial in maintaining a successful cybersecurity defence as attacks increase . According to the 2021 Verizon Data Breach Investigations Report , CISOs now have an average of over 70 security controls to manage , an increase of almost double from just four years ago . But with misconfigured controls failing often , the cybersecurity tool sprawl CISOs face is compounded by a dynamic threat landscape that clouds their visibility into what is and www . intelligentciso . com
41