Business skills key to CISO’s survival
Premium Content

Access "Business skills key to CISO’s survival"

Published: 12 Aug 2013

Business skills are key components of any chief information security officer (CISO), says Paul Swarbrick, CISO at aeronautical information service, NATS. “After 25 years in information assurance, I am convinced that in the modern era that the role is not about technical expertise, but about being a business expert,” he told Computer Weekly. Essential CISO skills, therefore, include good communication skills, risk management and governance skills, and an understanding of how businesses work. “The people I stay closest to are the head of internal audit and head of corporate governance,” said Swarbrick. Technical vulnerabilities, he said, only become a business risk when they are expressed in business terms. “There is a difference between penetration testing to look for technical vulnerabilties and doing a risk assessment, which is at the business level,” said Swarbrick. A common problem in many organisations is that the CISO role is ill-defined because there is no consensus around what someone in that role should do. CISOs in no man's land “Many CISOs are ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

What's Inside

Features
    • The ideology of hacking by Mark Brown

      Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information

More Premium Content Accessible For Free