Rethinking Cybersecurity's Structure & the Role of the Modern CISO

No matter how much power or manipulation skill CIOs acquire, their reach and range is always limited if they behave as independent entities and cannot execute to scale. Since we are discussing warfare, execute is meant quite literally. In warfare, one must be able to dispatch multiple enemies or potential enemies at one time.

Companies' cultures need to change. You need to become concerned about every new piece of software, every new connection and every new piece of data -- whether or not you're required by law to care. If some piece of software doesn't contribute to your core business, don't allow it. If some new Internet-connected service isn't part of your mission,

Now, let's think about this example in terms of cybersecurity.Your organization uses the NIST cybersecurity framework as a scoreboardto say, here's where we are in terms of our cyber maturity score.We think the attackers are currently ahead of us, and we need to increaseour maturity on these three important items before the end of the year.And if w

“My advice would be taking a look at every governance document you’ve got and really make sure that they’re crystal clear about roles and responsibilities, especially around who makes risk management decisions,” recommends Charles Blauner, a former banking CISO, and currently cybersecurity advisor for his consultancy Cyber Aegis, as well as CISO in