Large enterprises can learn crucial security lessons from small and midsized organizations — which often have a stronger culture of accountability and responsibility when it comes to data protection.
To alleviate the cybersecurity hiring gap, CISOs should look to tap new pools of talent in adjacent industries and help new hires develop their security skills through thorough, regular training.
When it comes to cybersecurity reporting, CISOs must communicate security risks, priorities and initiatives in the language of business to earn the attention and respect of board directors.
Human error, credential misuse and disgruntled employees aren't the most common threats security leaders have to face — but the complexities of these incidents make insider threats the stuff of CISO nightmares.
Although new research revealed that the state of cyber resilience is improving — especially regarding executive engagement — there is still room for improvement.
Lessons From the Marsh ‘Global Cyber Risk Perception Survey’: Disconnects Persist Despite Increased Executive Involvement
Despite in increased involvement of various stakeholders in risk management, a recent risk perception survey revealed a persistent disconnect between executives and the security function.
A new survey revealed that CISOs need both new sources of talent and better technology to help close the cybersecurity skills gap.
The International Standards Organization (ISO) released an updated version of its risk management guidelines to help security leaders engage top leadership in cyber risk decision-making.
The role of the security leader is expanding, and CISOs must posses strong communication skills, extensive technical knowledge, analytical minds and the respect of their peers to be successful.
The CISO's position on the security org chart influences the nature and frequency of interactions the security leader will have other executives — not to mention the security budget.