CISO of the Week

Interview with the Cyber Startup Observatory. The Cybersecurity Leaders section recognises the commitment, dedication, vision and contribution of top-notch global cybersecurity professionals to the industry. Every week, we will be interviewing CISOs / CIOs and other Cybersecurity Leaders that are defining and implementing the cybersecurity strategy in leading financial institutions, healthcare corporations, e-commerce companies, SMEs/SMBs, the public sector, consulting and …


The Why and How of Talking Tech with the Board: 3 Strategies to Help Them “Get” Cybersecurity

Nobody wants their enterprise to be the victim of the next big data breach. For chief information security officers (CISOs) and others who eat, breathe and sleep technology, the solutions seem obvious; there are, after all, not many times, waking or sleeping, that we’re not thinking cybersecurity best practices. But there’s a hidden danger to …


Four steps to managing software vulnerabilities

For me, the challenge isn’t always remediation. In fact, technical vulnerabilities are almost always ‘fixed’ in one of two ways: change a configuration or apply a software update in the form of a security patch. CISOs face two fundamental challenges, which are applicable to both scenarios: 1) Visibility. It’s one thing applying a security update …


Why CIOs need to drive digital transformation

CEOs are clearly recognising the benefits of digital transformation - but to truly reap the rewards, they need help implementing these changes. According to Gartner’s 2018 CEO survey, CIOs need to push executives towards digital change and then support them throughout the digital transformation journey. Indeed, the survey revealed that while 62 percent of executives have …


From Engineer to C-Suite

By Matthew Stern - CompTIA

It was a few days after the go-live date for the much-discussed General Data Protection Regulation (GDPR), and things in Europe were getting back to business as usual. In the UK, Chris Hodson, chief information security officer (CISO) and data protection officer at Zscaler, hadn’t received too many GDPR-related inquiries from the …


Top Ten CISO Challenges: What to Watch in EMEA

It’s that time of year again: we are building up to the conference season. A time where we look left and right across the security challenges that organisations are facing. Around this time last year, I gave my view of the EMEA CISO Landscape and, given all that has happened in our industry over the past 12 months, I wanted to provide …


CISOs: What you can control – and what you can’t – in GDPR

There’s a lot of confusing rhetoric around GDPR (General Data Protection Regulation). I’d like to help clear up some of it. I’m not a GDPR expert; however, I am a CISO with pretty deep experience in the implementation of risk management and information security programs. I lead my own organization’s GDPR readiness activities, and I’ve studied, and passed, …


How to engage with the C-Suite on cyber risk management, part 4

Creating metrics to indicate risk. In part 3 of our metrics series, we discussed how KRIs help identify risks while KPIs help us measure them. In this, our final article in the series, we’ll build on this knowledge to create metrics based on our four-stage model for qualifying risks and threats that we introduced in part 2. …


How to engage with the C-suite on cyber risk management, part 3

Understanding KPIs and KRIs. In the first and second parts of our series on engaging with boards on cyber risk management, we explained what today’s boards needed to know about security. In this article, we’ll deep dive into some of the metrics associated with our four-step methodology for qualifying threats and prioritising risk (see details in part 2). The ultimate …
