Friday, January 15, 23:37
Home business Make sure cybersecurity teams help your business

Make sure cybersecurity teams help your business

Business leaders need to rethink the way they handle cybersecurity teams. Do leaders ask the right questions and understand how cybersecurity programs work?

Overseeing cybersecurity programs, whether at the board level or at the leadership level, has always been a challenge. The typical questions managers ask range from the general question, "Are we safe?" to more detailed questions about the measurements, such as “How many vulnerabilities Did you correct the previous quarter? ” The answers to these questions may not help to highlight the true effectiveness of the program. These types of questions often signal a lack of understanding of how cybersecurity teams work and a lack of vision for how cybersecurity can really help a business grow.

cybersecurity

Efforts have been made to help leaders ask the right questions to cybersecurity team leaders to improve their effectiveness. The National Association of Corporate Directors (NACD) has provided some excellent guidance on which questions to ask and which approaches Business leaders must follow suit to make the most of the security team.

Change the mindset of cybersecurity surveillance

Information security officers (CISOs) should be held accountable for most of their responsibilities regarding the risk of cyber threats. When we think of the prism of a traditional model SWOT (Strengths, Weaknesses, Opportunities and Threats), cyber security surveillance usually touches on the weaknesses and threats of the equation. CISOs tend to be big degree to deal with them sectors to address issues that may prevent a business from achieving its goals. However, remaining only on weaknesses and threats, the safety in cyberspace becomes more of a security program than a potential development guide.

While it is not wrong to think of threats and weaknesses in terms of supervision and risk management, it usually leads to financial dialogues that resemble discussions about buying insurance policies. Questions such as, “What percentage of it budget must be provided for security in cyberspace; ” used for decision making for example for the budget. This is similar to setting the price of insurance coverage for your business or home based on its value. The discussion should actually be much broader, because otherwise it omits the strengths and opportunities of the equation.

Changing the mindset to focus on strengths and opportunities completely changes the meaning of the dialogue and the possible outcomes. Of course, cybersecurity and risk management are used to protect the business from vulnerabilities and threats, but what if there are ways cybersecurity teams can identify strengths and opportunities? Are there areas of the business where security teams are not currently focused? It is quite possible that a CISO working throughout the business will have new ideas that will help the business.

New lines of challenge

At any meeting, the goal is to leave with new information and new instructions for supervision and approval procedures. CISOs must be challenged to think of their work from the perspective of improving companies and their contributions to overall business objectives, creating opportunities and opportunities.

The best example of this is when safety is "shifted" to changing performance control in the early stages. In a development process the developers it is better to fix them problems during creation instead of waiting to try a final product. The last approach is particularly annoying for developers who have to stop working to stop and fix problems during procedure. Traditional KPIs (key performance indicators) in the development process include measurements such as reducing the number of vulnerabilities or defects, as they will now be located in the process. While this is an effective cyber security measure, it does nothing to really emphasize business impact.

The real effect of this tactic is that fewer defects mean increased performance for developers, less edited code, faster releases products and faster revenue generation for new features and products. As an added benefit, a new strength may be the increased awareness of developers about how to write secure code. This new power could also be measured to show increased performance over time of time and then a differentiated one product at the market.

Challenge your CISOs to think about how to find a way to grow the business, highlight strengths and explore chances. Questions that may complement more traditional risk surveillance questions are:

  • What product improvements can we make to differentiate us in the market?
  • What is your tendency to reduce supplier delivery times or reduce sales cycle time?
  • What percentage of time do teams spend investigating or answering security-related questions? How is this monitoring over time?

Obviously, the questions will depend on the type of business, but its change mentality and CISO supervision is vital. With this shift, CISOs are forced to look beyond its walls group to better understand the business, thus creating more productive knowledge.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...
00:02:36

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...