Access "Business skills key to CISO’s survival"
This article is part of the 13 August 2013 issue of Is the UK smart meter project doomed to fail?
Business skills are key components of any chief information security officer (CISO), says Paul Swarbrick, CISO at aeronautical information service, NATS. “After 25 years in information assurance, I am convinced that in the modern era that the role is not about technical expertise, but about being a business expert,” he told Computer Weekly. Essential CISO skills, therefore, include good communication skills, risk management and governance skills, and an understanding of how businesses work. “The people I stay closest to are the head of internal audit and head of corporate governance,” said Swarbrick. Technical vulnerabilities, he said, only become a business risk when they are expressed in business terms. “There is a difference between penetration testing to look for technical vulnerabilties and doing a risk assessment, which is at the business level,” said Swarbrick. A common problem in many organisations is that the CISO role is ill-defined because there is no consensus around what someone in that role should do. CISOs in no man's land “Many CISOs are ... Access >>>
Premium Content for Free.
Business skills key to CISO’s survival
by Warwick Ashford
Business skills are key components of any CISO says Paul Swarbrick, CISO at aeronautical information service, NATS
- Business skills key to CISO’s survival by Warwick Ashford
The ideology of hacking
by Mark Brown
Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information
- The ideology of hacking by Mark Brown
More Premium Content Accessible For Free
Email security improved in 2014 but most companies still haven't done enough to protect their customers from phishing attacks, this study from Agari ...
Disruption can happen at any time, in any sector, and its effect on traditional organisations can be fundamental. Capgemini offers some strategic ...
As the big data era takes hold, it is time to sit down with the business and sort out what IT can do to provide a fully supportive data platform for ...