Maxim Frolov, Vice President of Global Sales at Kaspersky Lab

 

As cyber-risks became a business issue, the role of the CISO in an organization has changed. The modern CISO is not just a head of department, responsible for implementation and management of security controls – like ensuring every workstation has the latest version of endpoint security, or making sure critical ports are not exposed to the internet. It’s no longer suitable for a CISO to make their company the most secure in the world as it can hinder progress and profitability. As a C-level executive, their role is now made up of two crucial and equally important elements. Firstly, to enable the organization to achieve their business goals – such as releasing better products faster than competitors, looking attractive to stockholders, and increasing revenue. And secondly to be a cybersecurity pro, and minimize the risks of cyberattacks that could threaten their business. Getting this balance right requires not only excellent security expertise and awareness of the latest technology trends, but a set of ‘soft’ skills, which may not come naturally to those who started their career in the IT department.

 

To help today’s CISOs succeed in their roles, there are four key skills to focus on.

 

1. Business acumen

 

In the good old days, the CISO was responsible for developing a defense plan based on their company’s IT landscape. This strategy is now insufficient and the modern-day approach needs to line up with the business vision. That is why almost every CISO job advertised, on Glassdoor and other sites, not only requires detailed IT security knowledge and a list of certifications, but also a business mindset.

 

As a result, CISOs cannot dismiss or prohibit a technology that their business would like to implement. They need to evaluate the risks associated with it and propose the most secure strategy that will not impede organizational progress. If staff need to have access to corporate resources from their devices, the CISO should implement a BYOD policy on the network.

 

In the words of an acting CISO, best practice involves advising others to become a risk manager as well as offering assistance and guidance to the business: “Before introducing any new technology in any department, I conduct meetings with those departments to ensure that their changes are not going against our security norms. Then we make the required changes so as to have proper integration with our network.”

 

2. Communication and presentation skills

 

Being an executive involves interacting with the C-suite and the board of directors. But with very few top managers having a security background, it can be a challenge to overcome and a CISO must develop rhetoric that ensures the board understands how serious the risks are, especially if you are used to speaking in IT jargon.

 

Although the ability to present complex ideas in an easy to understand manner has long been a vacancy cliché, the skill of translating cybersecurity language into business terms can fill in this communication gap. It may also help when it comes to the major headache facing every CISO – IT security budget justification. As the cybersecurity budget is often part of the overall IT expenditure, money can be prioritized for IT projects that demonstrate evident business profits and ROI. Communication skills, such as the ability to tailor information to a non-technical audience and creating strong arguments (penalties for non-compliance, damage caused by past attacks, breach reports) can prove that benefits far outweigh the costs.

 

3. Crisis management skills

 

According to a recent Kaspersky Lab report, 86% of CISOs think cybersecurity breaches will happen sooner or later, meaning that businesses cannot afford to be unprepared. Every office has an evacuation procedure that everyone must follow in case of a fire. Likewise, a company should have a strategy for when a breach happens, as panic and disorganization will only worsen the situation.

 

An action plan is not limited to changing affected passwords or recovering systems. To eliminate the attack quickly, it is essential to figure out who is responsible for certain actions and identify key contacts in other departments to inform first. These can include legal, PR, or customer success teams, who in turn, will be able to take part in resolving the crisis. If a breach happens, it is essential the CISO remains aware throughout an incident and becomes a link between stakeholders, who coordinates the information security team in their incident response activities, informs the business and advises further on how to resolve the situation.

 

4. Supervisory and leadership

 

With 62% of CISOs agreeing that there is a shortage in cybersecurity talent, it is becoming harder to find new security specialist. However, this is just the tip of the iceberg, and the main cause for concern is employee retention. A lack of security specialists means that workers have many job offers when they decide to change a work, as one CISO explains: “I’m a manager of very talented cybersecurity specialists, who are targets of multiple head hunters”. The lack of IT security labor force also increases the workloads of current staff, causing additional worry for security leaders. With a plethora of redundant and mundane tasks, are burnouts as inevitable as cybercrime?

 

As CISOs have a direct influence on security personnel, they should be a leader who people can follow, be a mentor who can support the team and find ways to motivate employees. Motivation isn’t limited to monetary incentives, it may include granting more decision-making authority, learning and professional development possibilities (for example, by attending and participating in security conferences), and even simple recognition of one’s hard work. What works perfectly for one person may not suit another, so to be an effective manager, a CISO must choose the optimal incentive or source of motivation for everyone in their team.

 

***

 

It is clear that the CISO’s role is challenging, as it requires a unique combination of soft, human skills as well as hard, technical skills. To be effective, a CISO must develop management and leadership qualities, broad IT understanding, a business mindset and cybersecurity knowledge.

 

While technical skills form the foundation of the role today, key factors will continue to affect the balance of skills needed in the future. For example, the rise Artificial Intelligence-powered defensive tools on the market to aid the fight against cybercrime doesn’t have to mean that robots will take our jobs as they cannot learn the soft skills we’ve discussed. The day might come where machines have better cybersecurity expertise than any human and be able to solve technical tasks, but if CISOs have soft skills – like team and time management as well as business acumen – then their roles will remain a necessity for businesses in the future.

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
Realme to Officially Enter the Philippines on November 29th
Techworld Date Posted: 21 November 2018 1:31 PM | 296 Views
Realme, a fast-emerging smartphone brand in South East Asia announces its official arrival in the Philippines on November 29th, 2018. Established in May 2018, Realme aims to provide young people around the world with.... See More
 
Realme to Officially Enter the Philippines on November 29th
Techworld Date Posted: 1:31 PM | 296 Views
Realme, a fast-emerging smartphone brand in South East Asia announces its official arrival in the Philippines on November 29th, 2018. Established in May 2018, Realme aims to provide young people around the world with...See More

 
DJI Brings RoboMaster 2017 Finals to Twitch
Techworld Date Posted: 1 August 2017 3:35 PM | 284 Views
DJI, the world's leader in civilian drones and aerial imaging technology, today announced that the RoboMaster 2017 competition finals will be livestreamed exclusively on social video platform Twitch1. RoboMaster 2017 is an annual robotics.... See More
 
DJI Brings RoboMaster 2017 Finals to Twitch
Techworld Date Posted: 3:35 PM | 284 Views
DJI, the world's leader in civilian drones and aerial imaging technology, today announced that the RoboMaster 2017 competition finals will be livestreamed exclusively on social video platform Twitch1. RoboMaster 2017 is an annual robotics...See More

Rhea Sanvictores
ESGS 2017: The Summit of All Gaming
Techworld • By: Rhea Sanvictores | Date Posted: 30 October 2017 5:23 PM | 897 Views
Hailed as the biggest gaming event in Southeast Asia, the recently concluded Electronic Sports and Gaming Summit (ESGS) has just proven that it really is. . See More
Rhea Sanvictores
ESGS 2017: The Summit of All Gaming
Techworld • By: Rhea Sanvictores | Date Posted: 5:23 PM | 897 Views
Hailed as the biggest gaming event in Southeast Asia, the recently concluded Electronic Sports and Gaming Summit (ESGS) has just proven that it really is. See More

 
Kaspersky Lab: Phishing Scammers Target Avengers Fans
Techworld Date Posted: 10 May 2019 12:49 PM | 59 Views
The release of the finale of the epic two-part movie featuring the Avengers has attracted lots of attention, shattering box office records.. See More
 
Kaspersky Lab: Phishing Scammers Target Avengers Fans
Techworld Date Posted: 12:49 PM | 59 Views
The release of the finale of the epic two-part movie featuring the Avengers has attracted lots of attention, shattering box office records.See More

 
Transcend®’s DrivePro 550 Dashcam Provides Added Protection with Its Dual Lenses
Techworld Date Posted: 27 June 2018 1:17 PM | 573 Views
Transcend® Information, Inc. (Transcend®), a leading manufacturer of storage and multimedia products, is proud to announce the release of the DrivePro 550 Dashcam. Featuring a dual lens camera and a large viewing angle, the.... See More
 
Transcend®’s DrivePro 550 Dashcam Provides Added Protection with Its Dual Lenses
Techworld Date Posted: 1:17 PM | 573 Views
Transcend® Information, Inc. (Transcend®), a leading manufacturer of storage and multimedia products, is proud to announce the release of the DrivePro 550 Dashcam. Featuring a dual lens camera and a large viewing angle, the...See More

 
HyperX Now the Official Gaming Headset Partner of the Philadelphia 76ers
Techworld Date Posted: 24 October 2017 2:25 PM | 370 Views
HyperX®, the gaming division of Kingston Technology, today announced the official headset sponsorship of the Philadelphia 76ers, the first professional NBA team to partner with HyperX. During the 2017-2018 NBA season, HyperX will bringing.... See More
 
HyperX Now the Official Gaming Headset Partner of the Philadelphia 76ers
Techworld Date Posted: 2:25 PM | 370 Views
HyperX®, the gaming division of Kingston Technology, today announced the official headset sponsorship of the Philadelphia 76ers, the first professional NBA team to partner with HyperX. During the 2017-2018 NBA season, HyperX will bringing...See More

 
Snake Oil: In Q2 Spammers Cashed in on WannaCry Epidemics to Promote Fraudulent Services for Protection against the Notorious Ransomware Attack
Techworld Date Posted: 4 September 2017 3:30 PM | 278 Views
In Q2 2017, cybercriminals involved in spam distribution tried to capitalize on public fears when the WannaCry ransomware epidemic struck in May. Knowing that there are lots of people out there infected with this.... See More
 
Snake Oil: In Q2 Spammers Cashed in on WannaCry Epidemics to Promote Fraudulent Services for Protection against the Notorious Ransomware Attack
Techworld Date Posted: 3:30 PM | 278 Views
In Q2 2017, cybercriminals involved in spam distribution tried to capitalize on public fears when the WannaCry ransomware epidemic struck in May. Knowing that there are lots of people out there infected with this...See More

 
AOC Partners with Twentieth Century Fox to Promote Release of Alita: Battle Angel
Techworld Date Posted: 28 January 2019 4:16 PM | 162 Views
AOC, a global-leader in display technology, has once again partnered with a powerhouse in the global entertainment industry – Twentieth Century Fox Film. AOC has become the official monitor partner of Alita: Battle Angel. See More
 
AOC Partners with Twentieth Century Fox to Promote Release of Alita: Battle Angel
Techworld Date Posted: 4:16 PM | 162 Views
AOC, a global-leader in display technology, has once again partnered with a powerhouse in the global entertainment industry – Twentieth Century Fox Film. AOC has become the official monitor partner of Alita: Battle AngelSee More

 
Concerns on the Rise about Mobile Apps Watching and Tracking Users, Finds Kaspersky Lab
Techworld Date Posted: 16 July 2018 4:28 PM | 469 Views
The monitoring capabilities of mobile apps are becoming a concern for users, many of whom are worried that the apps on their connected devices might be able track them down, watch what they’re doing,.... See More
 
Concerns on the Rise about Mobile Apps Watching and Tracking Users, Finds Kaspersky Lab
Techworld Date Posted: 4:28 PM | 469 Views
The monitoring capabilities of mobile apps are becoming a concern for users, many of whom are worried that the apps on their connected devices might be able track them down, watch what they’re doing,...See More

 
Master SSDs the Easy Way with the Plextor Newly-Launched Plextool NVMe Edition
Techworld Date Posted: 31 May 2018 10:25 AM | 359 Views
PLEXTOR, a global leading brand of high-performance digital storage devices, has launched the latest generation of the SSD toolbox, the Plextool NVMe Edition, which is designed for Plextor NVMe SSDs. The new toolbox provides.... See More
 
Master SSDs the Easy Way with the Plextor Newly-Launched Plextool NVMe Edition
Techworld Date Posted: 10:25 AM | 359 Views
PLEXTOR, a global leading brand of high-performance digital storage devices, has launched the latest generation of the SSD toolbox, the Plextool NVMe Edition, which is designed for Plextor NVMe SSDs. The new toolbox provides...See More


Power by

Download Free AZ | Free Wordpress Themes