Ensuring organizations adapt while also retaining a high level of digital trust is exactly where the chief information security officer (CISO) can help.
If we focus on the future at the expense of performing risk assessments to maintain defenses against existing threats, we will always be one step behind attackers.
IT and security professionals must be able to talk business to the C-suite and the board of directors, especially if new security products need to be added into the organization's portfolio.
With the realization that "we're all in this together," boards want to learn how their organizations are collaborating with the rest of the ecosystem in planning and testing cyber resilience.
While some organizations have improved their board governance processes on cybersecurity issues, much of the work to drive progress falls on the shoulders of the CISO.
Statistically, you're probably not. Even those with cyber insurance often have policies that leave them exposed to certain types of breaches, regulatory fines and real-world financial losses.
As the internet of things (IoT) takes over the world, IoT security remains, well, pitiful. Organizations are failing to ensure that the networks and data generated by IoT devices remain protected.
Chief information security officers (CISOs) are looking for ways to set the tone for the year and have more engaged conversations with top leadership regarding cybersecurity risks.
Just how well are organizations informing stakeholders about cyber risks? That was the question that EY sought to answer in their recent "Cybersecurity disclosure benchmarking" report.
As businesses rush to adopt emerging technologies such as AI, blockchain and big data, board directors must increase their engagement around cybersecurity risk.