Premium Content

Access "Business skills key to CISO’s survival"

Published: 12 Aug 2013

Business skills are key components of any chief information security officer (CISO), says Paul Swarbrick, CISO at aeronautical information service, NATS. “After 25 years in information assurance, I am convinced that in the modern era that the role is not about technical expertise, but about being a business expert,” he told Computer Weekly. Essential CISO skills, therefore, include good communication skills, risk management and governance skills, and an understanding of how businesses work. “The people I stay closest to are the head of internal audit and head of corporate governance,” said Swarbrick. Technical vulnerabilities, he said, only become a business risk when they are expressed in business terms. “There is a difference between penetration testing to look for technical vulnerabilties and doing a risk assessment, which is at the business level,” said Swarbrick. A common problem in many organisations is that the CISO role is ill-defined because there is no consensus around what someone in that role should do. CISOs in no man's land “Many CISOs are ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features
    • The ideology of hacking by Mark Brown

      Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information

More Premium Content Accessible For Free

  • Open Trusted Technology Provider Standard (O-TTPS)
    Open-Trusted-Technology-Provider-Standard-(O-TTPS)-(1365609248_609).jpg
    E-Handbook

    The O-TTPS is an open standard containing a set of guidelines that when properly adhered to have been shown to enhance the security of the global ...

  • The identity perimeter
    The-identity-perimeter-(1365173761_823).jpg
    E-Handbook

    Successful businesses recognise the value of open communications within and beyond their organisations. However, achieving this means that the ...

  • Enabling the secure use of RFID
    Enabling-the-secure-use-of-RFID-(1364996037_361).jpg
    E-Handbook

    UHF radio frequency identification (RFID) promises vastly improved data collection and the analysis of physical objects from consumables to patients....