The situation the new CISO finds on arrival is often different to what they were expecting, but who’s to blame?
Way beyond the justification of ad-hoc investments and pet-projects for the CISO, metrics have to be at the heart of the sound security practice, but they must be focused on tracking progress in time in support of a long-term transformative vision.
The CISO role has never been more important. The firms that fail at appointing a new CISO are those which rush and push an inexperienced techie in a poorly defined role. Positioning the role accurately in relation to the firm’s objectives around security, thinking it as a senior leadership role, and taking the time to find the right leader are the keys to long-term success.
Over the last few years you can’t have failed to notice a number of factors coming together in a potent mix, creating the opportunity for “digital transformation” availability of data, the power and availability of technology, mobile and cloud computing,...