You don’t become a transformational leader overnight, in particular if your background, your skills and your core interests are centred around the more technical aspects of cyber security.
Culture and governance are key to drive change around cyber security behaviours, but too many awareness programmes focus simply on superficial technical gimmicks. JC Gaillard from Corix Partners deconstructs 3 clichés which have been dominating the security awareness arena for the past decade.
Cyber Security maturity stagnates because CISOs are structurally prevented from looking beyond day-to-day firefighting
Clarity of roles and responsibilities across Security and IT, and a clear approach putting People and Process first ahead of ready-made Technology solutions, form the only basis on which cyber security maturity can grow, across any organisation, large or small.
As we look towards the next decade, the industry must pivot towards a clearer execution focus: Security cannot be seen any more JUST as a matter of risk appetite or as a box-checking exercise