Instead of focusing solely on how to protect existing environments, CISOs must also aim to provide the right environment for secure business innovation.
Some predictions for 2023. We will see most security frameworks continue to fail in 2023 for a simple reason: complexity. And the role of CISO will be elevated to be on the board or reporting directly to the CEO.
Cyber leadership is currently based on individual best effort, with no agreement on what ‘good’ looks like, with Chief Information Security Officers (CISOs) typically blinkered on the implementation of controls rather than understanding the risks to the business and driving cultural change accordingly.
The Introduction of the California Consumer Privacy Act (CCPA) and the Change of the CISO Role in 2023
As the CCPA comes into effect in the new year, we should prepare to see stricter regulations unfold both in the US and at a national level. Companies hiring for the CISO role must ensure candidates are informed of the legal expectations and are up to speed with protocols for security incidents.
Cybersecurity Programs Struggling To Keep up With Attack Surfaces, Risk Priorities in Pandemic Conditions
A Randori report indicates that cybersecurity programs are struggling with attack surfaces that have become significantly more difficult to manage due to pandemic conditions.
The days of managing from the shadows are long gone for the CISO. Today’s CISO is more than an advisor to the C-suite, with 88% of boards of directors viewing cybersecurity as a business risk. The role of the CISO has expanded to encompass advising the entire business and employees on how they can help ensure data security.