Today's columnist, Nasrin Rezai of Verizon, writes about how CISOs have to get comfortable speaking to top management and get everybody in the organization focused on security. (CC BY-NC-ND 2.0)

For cybersecurity leaders across the world, 2020 has been a lightning rod of security challenges. Widespread public attention to the COVID-19 pandemic and governmental policy responses have given phishing and robocall scammers new attack opportunities. Meanwhile, the rapid shift to remote work and school and acceleration of ecommerce have forced many cybersecurity leaders to pivot toward safeguarding our geographically-distributed organizations against a growing number and type of threats. For many cybersecurity teams, threat detection and response activities have become the standard operating model in a resource-constrained organization facing ever-growing threats. 

As businesses look forward to 2021 and employees and consumers adjust to the new normal, there’ a simple formula for a CISO wanting to break the cycle of reactivity: Lean into the business. This means building trust with leadership, getting comfortable communicating in the boardroom and developing a thorough understanding of the overall business strategy, its operations and the unique risks faced by individual business units. Be at the table early with top stakeholders with a vision, mission and a strategy for security that shows how an investment in preventative security delivers value. And, be proactive in managing risks and leading change.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.