Within security leadership associations and meetings, key decisions are made about paths forward in the security industry, driving us to become trusted advisors, to learn about CSOs’ pain points and challenges, and to devise a more effective strategic direction for my company.
It’s been nearly two years since we addressed cyber insurance in the Cyber Tactics column, so I decided to get an update from Bob Parisi, Managing Director at Marsh.
Cities big and small are making their way into the smart realm, putting sensors on everything from street lights to sensors, buildings to connected cars, and thus making themselves “smart.”
There have been volumes written about the role of the CSO and how to gain a seat at the table in the C-suite. A relatively small number of CSOs have been able to convince their management that the CISO should be under their purview, citing the inherent mission conflicts that exist when the CISO reports to the CIO.
Analyzing the background of security leaders across the corporate security and risk management landscape, it is not surprising to see that a significant percentage of them have come from the public sector.
Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs? Enter the NIST Framework category titled Mitigation.