Security Intelligence (IBM’s online security magazine) recently published an article pointing out that the staff you had, and still have, may not be the right people to handle your cybersecurity now, and giving 5 indicators to help spot whether your staff could be wrong for the organization from a cybersecurity risk perspective. DirectorsTalk caught up with John Blamire, CEO of Falanx Group Ltd (LON:FLX), for his views.
“The growing requirement for dedicated CISOs and the responsibilities the position carries should not be underestimated. However, many organisations find it difficult to justify the expenditure on such a dedicated post and those that do may find the CISO is under-resourced or subordinate to divisions within the company, often leaving them isolated, ineffective and unable to deliver the brief they have been given by the C-suite. This is one of the main indicators within a fast-moving Cyber Security market of the need for trusted third-party vendors to provide highly trusted and accredited managed cyber security services, either to the appointed CISO or to the company as a ‘virtual-CISO’ capability. The cornerstone of such a service has to be the continuous monitoring of the organisation’s digital environment, allowing the CISO to convey to the C-Suite the state of their security and assurance of data at absolutely any given time.
The most telling paragraph in this article is:
One of the primary tasks of CISOs should be helping the organization improve its handling of cyber risks and moving toward cyber resilience. In addition, the reporting of cyber risks should tend toward a continuous capability (i.e., what’s the cyber risk today) instead of a snapshotting capability (i.e., what was it at a given point in time). The organization should not wait for the next quarterly meeting to generate a snapshot of its cyber risk today.” – John Blamire, CEO of Falanx Group Ltd