An organization can have all the technology and expertise money can buy, but a poor security culture can still lead to devastating data breaches.
At the Cambridge Cyber Summit, IBM Security General Manager Marc van Zadelhoff offered three pieces of advice to help businesses prepare for a data breach.
Executives need an external risk adviser to help them monitor the cyber risk landscape and implement, monitor and refine security controls accordingly.
Without the proper context of risk analysis, evaluations of security investments that involve ROI calculations are virtually meaningless.
Cybersecurity is like a seat belt: While uncomfortable at first, it is crucial to the safety of your organization as it undergoes a digital transformation.
Although more than three-quarters of company directors reported a rise in cybersecurity awareness, only one-quarter actively share threat information.
CISO reports must clearly illustrate how cybersecurity relates to business objectives in a way that board directors can understand.
The CISO can positively impact both organizational security and his or her own professional brand through thought leadership.
Board directors must become more engaged in cyber risk governance or risk incurring regulatory fines and being sued by shareholders.
Critical elements of the CISO job description are often overlooked, exposing enterprise data and individual employees to cyberthreats.