To truly be effective, CISOs must understand their organization's focus and culture. "In understanding the organization and its language, you understand what matters, and then by extension that will drive your security strategy and your security focus," said Helen Rabe, CISO at the BBC.
What kinds of training do security professionals need? The biggest skills gaps are soft skills - 55%, cloud computing - 47%, security controls - 35%, coding skills and software development - both at 30%, says ISACA's State of Cybersecurity 2023 survey of more than 2,000 security leaders globally.
In the drive to build a more diverse workforce, security organizations are progressing in many ways, such as ensuring that required skills in job descriptions are more inclusive, said Ed Parsons of (ISC)². But he added that job recruiters need to "meet underrepresented groups where they are."
Information security is no longer confined to the tech domain, and instead must align with business outcomes, adapted to suit an organizations' risk appetite, said Matt Gordon-Smith, former CISO at Gatwick Airport. Security teams often must balance competing needs and risks.
The Irish government has proposed a number of measures to strengthen the country's top cyber agency's abilities to tackle ransomware and other cyberthreats. The National Security Strategy lays out 18 new action plans intended to augment the National Cyber Security Center's capabilities.
The threat landscape continues to deteriorate, and criminals are using new techniques and pulling off devastating attacks. Meanwhile, security leaders are struggling to fill a critical shortage of skilled talent. Rob Clyde shares how ISACA is helping defenders keep up and gain cyber maturity.
Government-imposed rules on incident reporting by organizations impacted by cyberattacks are not new – many sectors have been subjected to them for decades. What is new is that governments are introducing new, more stringent incident reporting rules that will affect a broader set of organizations.
The new...
The latest edition of the ISMG Security Report discusses how adversaries have a new favorite tactic to circumvent MFA, why vendor Akamai is an appealing target for private equity, and what the industry can do differently to attract more females to leadership roles.
A man in the cybersecurity field is seven times more likely than a woman to have applied for or been offered the job of CISO, according to a new report from Accenture on the need for more inclusion in the workplace. Experts discuss strategies to close the gap and make hiring more inclusive.
Anand Atre began his role as deputy CSO of Crux Informatics soon after the start of the COVID-19 pandemic, and he soon confronted the challenge of how to properly secure a hybrid workforce. He outlines his strategies for cybersecurity and employee education.
A new (ISC)² member pulse survey on remote work policies in 2022 found that cybersecurity professionals who get to choose where to work are the most satisfied, while those being forced back into the office are the least satisfied. The association advises firms to discuss options with employees.
Tasked with heading cybersecurity in the recently created U.K. Department for International Trade, Don Gibson discusses the opportunities and challenges of building a security program from scratch, including the initial pushback he received and his efforts to win "hearts and minds."
Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.
The gap between cybersecurity workforce demand and the number of skilled workers available to fill those jobs widened during the pandemic. So organizations need to take a multi-pronged approach to attract, reskill and retain employees, says Vishal Salvi, CISO and head of cyber practice at Infosys.
The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.