It’s essential that boards understand the organization’s cyber risks in order to successfully oversee overall company performance. CISOs and CSOs who can clearly convey cybersecurity to the board promote better navigation of the organization in today’s uncertain cybersecurity world.
In my first column I invited you into the office of the CSO and the CEO of a company that had re-positioned itself as a security risk management services (SRMS) provider, a new category that I feel is emerging to address the need for a 360-degree view and understanding of an organization’s risk strategy, plan, processes and metrics.
The concept of remote decision making, while necessary in 2000, is not necessary today. Let’s use the significant security and power of existing IT networks, let it all be managed by IT, and let security get back to its primary job: deciding who should get in and responding to those who should not.