Risk, Security Initiatives, Business Outcomes, & Aligning Budgets – BSW #206
In the Leadership and Communications section, Are businesses underinvesting in cybersecurity?, 4 tips to help CISOs get more C-Suite cybersecurity buy-in, New CISO Priorities of 2021, and more!
- 1. Are businesses underinvesting in cybersecurity? - Even as cybersecurity trends and attack vectors have changed, many organizations continue to rely on — and invest in — the same tools and systems they've used for years. While companies may look to increase their cybersecurity budgets, they are actually underinvesting in the solutions needed to meet today's threat landscape.
- 2. Security needs to be embedded in every stage of the business cycle - Vishal Salvi, chief information security officer (CISO) and Head, Cyber Security Practice, Infosys, tells Sudhir Chowdhary that more than technology itself, nurturing a culture that recognises cybersecurity as top priority is critical to establishing digital trust and resiliency in these evolving times.
- 3. 4 tips to help CISOs get more C-suite cybersecurity buy-in - Even though cybersecurity is becoming more prominent in the boardroom, many CISOs continue to struggle with executive buy-in and comprehension -- some board members often have differing perspectives on what cybersecurity is about and its relation to privacy, data protection and regulatory risk. How do you position your cybersecurity strategy and program with the board?
  1. Tell a cohesive story and narrative around cybersecurity
  2. Focus on existential security risks first
  3. Lead with CARE: Are security controls consistent, adequate, reasonable and effective?
  4. Connect the dots between security initiatives and business outcomes.
- 4. Cybersecurity 2021: Asking the Right Question – Security Boulevard - No one is spending time to ask the right question. While a security analyst is busy deciphering 600-page reports and a CISO negotiates an increase in the year’s cybersecurity budget, the board only wants to know if their organization is secure. What question should we be asking? “How likely are you to get hacked, today?” And the answer to that is based on two other unanswered questions:
  1. How current, or real-time is your information?
  2. Are you quantifying your cyber risk?
- 5. The view from the top: IT spending could get better - Out of the 100 CIOs surveyed, 41 expect to increase their 2021 budgets compared to 2020. An additional 40 have a smaller budget this year, but 33 of those 40 said that they plan to revise their budgets if the economy improves by the end of 2021. Security remains a top enterprise priority in 2021 and cloud conversions, whether pandemic driven or not, are also driving spending.
- 6. New CISO Priorities of 2021 – Security Boulevard - Drastic shifts to the way we work will continue in 2021 as CISO priorities continue to adapt in this new work-from-home era; we have seen a drastic shift in direction amongst security professionals. Here are the latest trends:
  1. Protecting Assets with Least Privilege
  2. Shifting Identity Management
  3. Integrating DevSecOps
  4. Continuous Auditing and Reporting
  5. Moving to Proactive vs. Reactive
  6. Staying Vigilant and Continuing Education