Business skills key to CISO’s survival
Premium Content

Access "Business skills key to CISO’s survival"

Published: 12 Aug 2013

Business skills are key components of any chief information security officer (CISO), says Paul Swarbrick, CISO at aeronautical information service, NATS. “After 25 years in information assurance, I am convinced that in the modern era that the role is not about technical expertise, but about being a business expert,” he told Computer Weekly. Essential CISO skills, therefore, include good communication skills, risk management and governance skills, and an understanding of how businesses work. “The people I stay closest to are the head of internal audit and head of corporate governance,” said Swarbrick. Technical vulnerabilities, he said, only become a business risk when they are expressed in business terms. “There is a difference between penetration testing to look for technical vulnerabilties and doing a risk assessment, which is at the business level,” said Swarbrick. A common problem in many organisations is that the CISO role is ill-defined because there is no consensus around what someone in that role should do. CISOs in no man's land “Many CISOs are ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

What's Inside

Features
    • The ideology of hacking by Mark Brown

      Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information

More Premium Content Accessible For Free

  • The state of email trust in 2014
    state-of-email-trust-2014-252.jpg
    E-Handbook

    Email security improved in 2014 but most companies still haven't done enough to protect their customers from phishing attacks, this study from Agari ...

  • Strategies for the age of digital disruption
    Digital Transformation Review-252.jpg
    E-Handbook

    Disruption can happen at any time, in any sector, and its effect on traditional organisations can be fundamental. Capgemini offers some strategic ...

  • Bridging the big data divide: Part two
    Bridging the IT business Part II-252.jpg
    E-Handbook

    As the big data era takes hold, it is time to sit down with the business and sort out what IT can do to provide a fully supportive data platform for ...