? editor ’ s question he responsibilities
T of the CISO have changed considerably due to the pandemic , not just because of the rapid evolution of technology and digitisation , but because the very nature of how we all work has changed .
The CISO now needs to ensure Business Continuity and security with staff operating from multiple remote locations . The attack surface area has increased and lone workers need to be trained or retrained to mitigate and avoid the risk of cybercrime pitfalls created by their new ways of working .
In Australia , the CISO ’ s role has also been dramatically changed by the recent amendments to the Security of Critical Infrastructure ( SOCI ) Act ,
The CISO now needs to ensure Business Continuity and security with staff operating from multiple remote locations . which aim to strengthen the security and resilience of critical infrastructure by expanding the sectors and asset classes the Act covers .
SOCI now mandates the registration of critical infrastructure assets and ensures the adoption of risk mitigation policies to deal with cybersecurity incidents that affect critical infrastructure assets , whether they be defence sites , energy or water plants , data centres , or telecommunications infrastructure . SOCI now means that Operational Technology ( OT ) environments are front and centre in the daily duties of a CISO .
Similar critical infrastructure legislation is underway or being considered in other Asia-Pacific countries too , which may
AMMAR HINDI , VICE PRESIDENT OF APJ SALES , NOZOMI NETWORKS
At the highest level , CISOs need to educate on and elevate their own role in the eyes of the boards they sit on or advise .
see a broader OT-focused redefinition of the CISO role across the region .
In light of this new focus , CISOs need to ensure very broad and uninterrupted visibility of OT , Internet of Things ( IoT ) and IT assets . Guarding against breaches no longer suffices the nuances needed for this role to fully protect organisations and their teams . CISOs need to coach the entire organisation – now likely dispersed between traditional offices , home offices , as well as other remote locations – to adopt security as part of every step in daily business life .
At the highest level , CISOs need to educate on and elevate their own role in the eyes of the boards they sit on or advise . Success in doing this will see talented CISOs command a higher salary and attract people from diverse backgrounds , an important consideration for most cyber-related roles as they require a variety of skillsets . www . intelligentciso . com
29