While digital transformation fuels the focus for investment, information security is evolving faster than ever before. The workforce is becoming more tech savvy, new and disruptive technologies are reaching maturity, rapid growth in cloud adoption as well as increased 3rd party vendor relationships; the modern CISO must be a business leader, enabler and partner to the enterprise.
In addition to the ever changing issues around governance and compliance, organisations are falling victim to increasingly sophisticated threat campaigns. With the EU GDPR implementation, it has become a balancing act for CISOs today to protect data and manage vulnerability whilst under unprecedented scrutiny to overcome regulation; what systems to use and what resource to allocate without detriment or burden to the other.
GDPR has been on every Information Security professional’s mind for what feels like forever but finally the new legislation has come into play. There has been a lot of speculation about the aftermath and with complaints filed against leading tech corporations in the first week it is evident the new regulations are being taken very seriously. It is important for all organisations to be compliant, or as compliant as they can be.
Hackers are showing no sign of retreat and are beginning to use AI and machine learning to outsmart defence systems. Whilst legacy systems are still in place in many organisations and others moving whole systems and networks to the cloud – hackers can take advantage of weak points in the structure and gain access with ransomware remaining a common threat. Phishing attacks are becoming increasingly sophisticated and there are still stories published regularly about Executives falling into the trap. Not only are CISOs having to monitor the insider threat but they are also still struggling with a skills gap in the industry with limited qualified professionals in the workforce.
However, it is not all doom and gloom for CISOs – awareness is increasing at board level about the importance of investing in security which is leading to profound change and transformation within the industry and it is more important than ever for CISOs to share experiences and solutions to these growing threats.
Time is maximised onsite though a combination of:
Digital transformation and Information Security
The modern CISO pressures and challenges
GDPR – Where are you? Where should you be?
Demonstrating value of the Security department
Securing data and threat intelligence
Future skills & capabilities
4th Party risk management