WHY CISOS MUST
FOCUS ON EMPLOYEE
DEVELOPMENT AS A KEY
SECURITY STRATEGY
Modern CISOs are under increasing pressure to secure their
organisation while also contending with budgetary constraints.
Paul Anderson, Head of UK and Ireland, Fortinet, tells us how,
by focusing on employee development, enablement and buy-
in, CISOs can create a centralised security strategy that builds
collaboration and reallocates security teams away from tactical,
reactive work to more proactive and strategic efforts.
C
ISOs are facing
a perfect storm
when it comes
to securing
their networks.
As the number
of Internet of
Things (IoT) devices increases
exponentially, the scale, scope and even
the definition of network has changed
dramatically. Multi-cloud deployments
and DevOps approaches have dispersed
organisations’ data, while ever-increasing
degrees of mobility create more and more
points of access.
Modern CISOs must now protect a
constantly expanding attack surface,
with limited resources, at a time when
cyberattacks are becoming increasingly
sophisticated and security best
practices are evolving – all while security
talent becomes harder to find.
62
What contributes to these challenges
and how can CISOs effectively address
them? One of the clearest moves they
can take to improve their organisation’s
overall security posture is to prioritise
employee training and create a proactive
cybersecurity culture.
What’s getting in the way of
CISOs’ ability to reach their
cybersecurity goals?
According to recent reports, 35% of
CISOs believe the lack of a centralised
cybersecurity strategy and the lack of
support from senior management are
the top constraints to effective security.
But when examining the reasons behind
the lack of central strategy, many of the
issues seem to start at the employee
layer – both among IT employees as well
as general employees across the various
lines of business.
Paul Anderson, Head of UK and
Ireland, Fortinet
First, CISOs are dealing with the effects
of the ongoing cybersecurity skills gap.
According to the Center for Strategic
and International Studies, 82% of
organisations suffer from a shortage of
cybersecurity professionals, hindering
their ability to develop a more strategic
approach to cybersecurity and to keep
pace with new threats. Instead, security
teams end up staying focused
CISOs are facing a
perfect storm when
it comes to securing
their networks.
Issue 20
|
www.intelligentciso.com