Founder and Managing Director - Corix Partners
Looking beyond the cyber security technical horizon into strategy, governance, culture, and the real dynamics of transformation
Great article and great depth of maturity. Risk, Compliance and Governance have made such a disruption that the modern CISO role has fair operational, executive and strategic use apart from measures and controls to avoid any breaches and disruption of key services to internal and external customers.
However, there is some lack of acceptance and support from the executive leadership, based on my experience so far. I may be unique in those odd circumstances; however, incentives don't get to the right deserving candidates. Just giving my own example: I recently prevented 3 ransomware attacks and nullified 1 major attempt. Still, despite corrective and preventive actions, new processes and procedures, I was just thanked and given idle promises to own the CISO role. However, it turns out that some ignorant operations manager enjoyed the loyalty benefits and retained the position. The same manager was in charge as CISO 1 year back when another ransomware attack occurred and the management reacted by paying bitcoins. Imagine the present state again….