BUSINESS surveillance
As a business grows , inevitably its attack surface expands , becoming a potentially lucrative target for hackers . infrastructure running , such as configuring servers , installing software updates and setting up laptops .
Usually these organisations are small , often private companies with no obligations to shareholders and fewer regulatory pressures .
Other demands on the business often take precedence , such as sales and commercial functions . Consequently , important safeguards like multi-factor authentication may not be implemented as they are seen as restrictive . In some cases , cybersecurity is perceived as a hindrance to productivity and relegated to a check box activity .
2 . The right time for a CISO
As a business grows , inevitably its attack surface expands , becoming a potentially lucrative target for hackers . More employees , customers and suppliers equate to additional processes and applications which in turn create more vulnerabilities for attackers to exploit .
At this point cybersecurity is rising higher up the management agenda , and businesses start thinking about recruiting a senior cybersecurity professional or CISO . In this early stage , the role is often described as a technical appointment with an expectation the incumbent will spend a proportion of time coding alongside development staff . There is often little or no scope for the CISO to plan and implement an overarching cyberstrategy .
Additionally , compliance requirements start to receive more attention , with the deployment of formal monitoring and auditing capabilities , using internal resources or external expertise .
This is the time when IT and security should establish effective communication channels to ensure security objectives are mutually agreed , which prevents a gap growing between the two functions . If the CISO and CIO interact and communicate regularly , then this bodes well for productive co-operation between their teams .
64 WWW . INTELLIGENTCISO . COM