Light Dark
October 4, 2017 By Nir Carmel 3 min read
CISO
Application Security

When I think about my family vacations from childhood, I remember camping trips, hours on the beach, sharing stories around the campfire and the fun my siblings and I used to have in the back seat of the car — jumping on each other, switching seats and hopping from the third row into the front seat. Half the fun was enabled by the fact that we had no seat belts.

I also remember how frustrated we all were when they made seat belts mandatory — how we complained, cringed and pushed back when our parents forced us to put it on, and how annoying, restricting and uncomfortable the seat belt felt. But the interesting thing is that, within just a few weeks, putting on a seat belt became second nature. When we stopped dwelling on it, the seat belt no longer felt itchy and uncomfortable.

Read the Forrester Research Study: Future-Proof Your Digital Business With Zero Trust Security

Buckle Up for Safety

The seat belts in our cars and the cybersecurity in our organizations are more similar that you might think. Both were once seen as unnecessarily restrictive burdens and are now considered essential to our safety and, in the case of cybersecurity, the integrity of our sensitive data.

We all know that putting on your seat belt or applying security measures is the smart thing to do because it can save your life — or save your business from a security event — but we are often too lazy or too focused on other things to do the right thing. In fact, we often wait for a new regulation to force us to take the right security controls.

Just like the seat belt in my car, cybersecurity can easily become second nature to your organization. The sooner you embed security into your decision-making process, the sooner you can negate the belief that security slows down the business.

A chief information security officer (CISO) can help you accelerate your digital transformation and support business goals by adhering to the following principles:

  • Develop a risk-based approach to all business and IT initiatives.
  • Protect the data, not just the infrastructure.
  • Consolidate identity across all platforms, including on-premises, cloud and mobile.
  • Understand that compliance is just the first step, not the end goal.

Increased Collaboration Drives Digital Transformation

In a recent presentation at the Cybersecurity Nexus (CSX) conference, I was reminded about my childhood experience with seat belts. It’s amazing how something that seems uncomfortable at first can quickly become just another fact of life — one that ultimately keeps you safer. More specifically, I explored how line-of-business (LOB) executives and information security professionals can and should work together to implement security controls, adopt a risk-based decision-making process and drive the next wave of innovations to support business growth.

This digital transformation can serve as a great opportunity to revamp your security program to foster greater collaboration between the IT team and LOB executives. To begin the process, the CISO should first locate the organization’s sensitive data, then consolidate identity and access management (IAM) and device management controls. Finally, the CISO should infuse these strategies into the organization’s DevOps processes.

LOB executives, for their part, must consider security risks when making business decisions, and understand how the CISO’s efforts can actually benefit the business by empowering consumers and encouraging collaboration based on real-time security data. This enables the organization to efficiently release and adopt new applications to drive growth and optimize security programs that are aligned with business goals.

These cybersecurity measures are designed to help businesses meet their goals and sustain growth, not to impede progress or productivity. An open line of communication between security and business leaders is all it takes to quell executives’ fears and demonstrate how, like a seat belt, cybersecurity can save your organization in the virtually inevitable event of an accident.

Learn More

To learn more about unleashing your security team’s true potential and accelerating your digital transformation, download the complimentary Forrester Research report, “Future-Proof Your Digital Business with Zero Trust Security.”

Read the Forrester Research Study: Future-Proof Your Digital Business With Zero Trust Security

 |  |  |  |  |  |  | 
Nir Carmel
Information Risk and Protection Offering Strategy, IBM Security

More from CISO
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 2, 2024

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature