CISOs have a complex job balancing risk with the threats and business challenges that face an organization.
From increasing board awareness into the role security plays in company strategy to constantly changing regulations, the advancing threat landscape presents complexity that needs to be managed in a balanced way.
In this video Hadi Hosn, SecureWorks Head of Security Strategy and GRC Consulting in EMEA, gives a quick overview of some of the challenges CISOs are faced with everyday that require a delicate balancing of risk acceptance.
The role of the CISO has recently grown in complexity for a number of reasons. There’s a regulatory compliance requirement organizations are facing a number of different regulations globally, and also in the region that they operate in, but also industry specific regulations. Financial services is heavily regulated, the European union is more aware of security and they’re changing the regulations in that space. And accepting the risk as an organization is becoming very difficult because you need to justify that to the regulators. So with the changing regulatory environment CISOs have a complex job trying to address that.
Another reason the complexity has grown is because the organization’s executives, the board of directors are, more aware of security. They’re more aware of what’s happening to other organizations, they’re more aware of the breaches, and they want answer wither their organization is susceptible to those breaches and the CISO needs to answers those questions very well. Another view of that complexity is also around the technology getting personal. CISOs have to manage bring your own device, cloud, mobile, trying to get big data initiatives that the business wants to invest in and trying to get that secured as an organization is difficult for a CISO to control individually.
The final view is, I believe, is around the changing threat landscape. The attackers are getting more commoditized but also there’s a lot of advanced threats, advanced persistent threats, facing organizations. Investing in both basic technology and the advanced technologies are complex in nature and the CISO needs to manage that in a balanced way.
The old approaches to cybersecurity are no longer adequate. It’s time for something new. Layered defenses can create almost as many problems as they solve, and security teams struggle to keep up with the threat. What you need is context across all your layers of defense with the right people, processes, and technology working together in concert. That’s how Secureworks can help. Using 20+ years of industry knowledge, advanced analytics, industry-leading threat intelligence, and the network effect of more than 4,000 customer environments, we provide world-class cybersecurity solutions to customers around the globe. This unmatched experience empowers our customers to be Collectively Smarter. Exponentially Safer.™
Our Managed Detection and Response (MDR) solution is comprehensive, powered by our cloud-native software Red Cloak™ Threat Detection and Response that uses AI and machine learning to deliver better outcomes for your security operations. MDR unifies telemetry from your existing security technology to maximize visibility, reduce complexity, and enable you to move at the speed of the threat. Learn more about how Managed Detection and Response uses contextualized visibility to improve your organization’s security posture.