Cybersecurity

CISOs, Stop Focusing On Cybersecurity

IT security teams have become too disconnected from their business while focusing their attention on immediate security threats. They have become reactive to all cyber threats and incidents, while simultaneously attempting to demonstrate value by measuring technology success — a metric that mostly has no correlation to business success and therefore fails to make an impression with the executive board or employees.

This places CISOs in a difficult situation: Find a way to prove business value to the executive board and business peers or fail to get the much-needed funds that will ensure the organization will survive cyberattacks.

Stop Talking Cybersecurity

CISOs are suffering, and we need them to be successful. We have an image crisis that is only getting worse, and we need to rebrand ourselves — and become an enabler of the business and an innovator of technology.  In order for a CISO to succeed, we must change our path, and this means potentially rethinking our approach to cybersecurity.

CISOs must invest time listening to their executive board and business peers to learn how they measure their organization’s success. Our role within cybersecurity is not to simply put technology in place for sake of security, but to put technology in place that contributes to business success — while ensuring cyber risks are either reduced or eliminated.