Surveys suggest that the average tenure in a CISO position is around 2 years. Nothing will change until the profile of the CISO is raised and they start to see their role over the mid to long term.
Category: Information Security
There seems to be confusion in corporate America about whether or not to delete data. On one hand, there are legal departments that advise keeping everything forever, and on the other are those that recommend deleting everything as a matter of policy as soon as possible — whacking away at files and folders on your file servers like a drunk landscaper whirling a weed whacker around your yard. Meanwhile, IT is stuck in the middle trying to develop and engineer systems to enforce ever-changing data retention policies.
The GDPR is not just about security, but it has been dominating the life of many CISOs since last year. What does that mean in practice for the CISO, and why would a CISO be worried?
NIS – another EU Directive to follow: it's an attempt to provide a more secure IT platform for everyone
While you are all (I hope) thinking about GDPR, just a brief heads-up on another EU initiative that will also still be important post-Brexit. The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU. The NIS Directive has nothing to do with GDPR directly, but there are some similarities between the two, and GDPR compliance may help you with NIS compliance. It comes in on 9th May 2018, before the UK leaves the EU, but the UK is committed to following it post-Brexit.