NACD updated its "Director's Handbook on Cyber-Risk Oversight," which included five new cybersecurity principles for boards of directors.
IT managers must understand how initiatives related to the information security program affect the business side of the organization.
In addition to responding to threats in progress, crisis leadership involves rehearsing various responses to prepare for a data breach.
Many organizations are changing the CISO reporting structure to reflect the growing influence of IT over other departments and domains.
Shifts in the cybersecurity and business landscapes will introduce many additional changes to the ever-evolving role of the CISO in 2017.
Too much charisma can make for ineffective cybersecurity leadership. CISOs should encourage IT employees to challenge their policies and decision-making.
The top concerns for CISOs in 2017 involve aligning with business goals, addressing the IT skills gap and the increasing sophistication of cyberthreats.
Organizations can improve their ability to enforce security policies and better serve business initiatives by shuffling the security org chart.
The CISO should be the central figure responsible for defining an organization's information security strategic plan and aligning it with business goals.
Despite the rapid expansion of third-party risks, a recent survey revealed that many companies lack the cybersecurity leadership to respond effectively.