EXPERT OPINION the board functions are an oversight by a governance and they ’ re operationally direct .
Diligent solutions have been specially designed to present high-level risk conversations or risk themes using the machine data produced at an operational level . Crucially this is performed in our platform and that is where the true value of this applies . For example , I am currently preparing for our Q2 risk committee meeting . Three years ago , PowerPoint would be my go-to software and I would have asked the team to provide the data . Today I can take advantage of the Diligent dashboard which is close to real-time board-level information allowing me to work off the latest updates . The power of our solution is mobilising the right information and translating it into meaningful conversations . This knowledge transfer is fluid meaning it can start with the board and finish at the operational level or can be moved in any other direction .
How do Diligent ’ s solutions make a difference to security decisionmakers over other competitors ?
The market is not lacking in risk management software solutions . I worked in the banking industry for 20 years and today you see solutions at various levels including enterprise , new commerce and SASE providers . The Diligent solution is focused on pulling real-time data and our continuous monitoring allows us to have a mature impact on operations and use the data to drive risk themes with resellers . The risk owner is an important concept because without them , it is not possible to formulate risk reduction actions due to the amount of effort it requires . The responsibility of fixing these configurations and vulnerabilities goes beyond the IT team and the conversation is framed differently .
All organisations face challenges dealing with vulnerabilities because they are dynamic and occur frequently . Could these vulnerabilities relate to resources , meaning we lack the correct people or the money to procure the right solution ? By people I mean our employees and our contractors , do they care about maintaining a secure environment through due care and due diligence ? The vulnerabilities could also stem from the process . Here we have the right people with the right technology , but the process is creating more hurdles for ourselves . By using our product , you can
bring the right message to the right risk owner at the appropriate time .
How do you anticipate the role of CISOs evolving in the future ?
The role is always evolving and when I became CISO 10 years ago it had already transformed dramatically . The trend has been an increase in IT transformation alongside cyberrisk . For example , AI could be both a productivity enabler and a software company that enables its features to support our customers . The CISO shift has needed to move from IT risk owner to having a trust conversation with the right audiences . The top CISOs are now able to articulate complex IT issues and align them with the business objectives , they understand that a single security solution or strategy is not going to be 100 % secure .
It is about having deep knowledge of your product strategy and corporate risk and going beyond the realm of data and IT will better support businesses . The biggest challenge for CISOs is to adapt their mindset , align with the business , listen to risks and instead of saying ‘ no ’ provide a collaborative solution with their business partners . u www . intelligentciso . com
51