• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Uncategorized  /  Need for Security Expert at Senior Level: CISO
16 June 2017

Need for Security Expert at Senior Level: CISO

Written by Ankita Ashesh
Ankita Ashesh
Uncategorized
Estimated reading time: 3 minutes

You might be sitting relaxed in your office thinking that cyber threats are for others. My IT department is sufficient to take care of the security of my data and systems. Or probably, we aren’t that big or popular that someone will hack into our systems. Or even worse, we are so big that we have a few people taking care of data security reporting to my IT guy, they’ll manage. Well, you may need to rethink!

A report published by Hiscox Insurance outlined that the total cost of cyber-attacks is more than 450 Billion USD. The report also stated that over 100 million Americans had their medical records stolen. An international study found that nearly 40% of Enterprises were hit by ransomware in 2015-2016 of which 34% of business victims lost revenue and 20% had to cease operations immediately.

The cyber threat landscape

The ever-present threat to any organization’s information systems cannot be ignored. It is present across industries and organizations of all sizes, small, medium and large. Technology has enabled the business operations to be spread geographically. From simple 2 tier client-server technologies, the landscape has evolved to using software as a service, cloud storage and multiple user platforms (‘With Bring Your Own Device’, there are many handheld devices with almost as many operating systems accessing organizational data and services). The movement of data beyond organizational boundaries has increased  and the number of channels through which this information flows has grown exponentially. This level of openness of systems inherently exposes both data and system for cyber attacks.

At the same time, the cyber criminals have evolved. From just ‘hacking sites’ they are now able to conduct network surveillance, launch distributed denial of service (DDoS) attack, phishing attacks and constantly invent new ways that are targeted to steal organizational data and monetize it. The proliferation of portable storage devices also increases the risk of internal loss of data either due to negligence of staff or intentional breach of security. People in security world know very well that users will exploit loopholes in security policies to achieve their directives and performance metrics. These methods eventually lead to threat of loss of data for the organization.

Need for security expert

Considering the complexity of the operating environment and sophistication of the possible attacks, Organizations need dedicated effort to protect themselves from loss of data. There needs to be analysis of the risks, mitigation of these risks, alliances and partnerships with business operation teams and third party specialists. Coordinated, dedicated effort is required to achieve such desired level of information security. Every business operation must be designed with security being an integral part of that design. For this, a separate role of CISO is needed, who is responsible for overall information security of the organization and has sufficient authority to control all aspects of business from security perspective.

The value brought in by Chief Information Security Officer (CISO)

A dedicated CISO will have the in-depth knowledge about the threats that exist, the protective measures, tools and techniques to protect the infrastructure and information. He will be skilled to assess the threats, calculate the impact on business and then communicate the threats in such a language that the other CXOs understand the risks. He will be doing all this proactively – much before the threat becomes a reality (if at all). The job requires not only the technical knowledge and understanding of the security environment but also wide knowledge of the business operations to know where these risks might occur. It is important that CISO has these skills to ensure that management dedicates right budget for cyber security in the organization. Moreover, most of the standards for information security such as ISO 27001, NIST, COBIT require a fully documented information security policy along with a senior position to oversee and manage that policy. These standards can also be leveraged to help organizations describe the role and responsibility of CISO so that he can implement robust cyber security practices.

CISO – It’s about leadership

He not only defines the security policies and procedures, but also drives the security education of the workforce. In doing so the effectiveness of the security measures becomes clear and a more secure infrastructure can be created. The key to the success of the CISO role is not just in designing a robust cybersecurity strategy, but in educating and imbibing the security practices in the organization’s workforce. This gives out an important message that the organization is not only excellent in the services they provide, but is also conscious to protect the customer and partner data.

Seqrite helps businesses simplify IT security and maximize business performance. To know more about our products and services visit our website. 

 Previous PostAddressing the weakest link in cyber security: Human Error
Next Post  Building a Security Incident Response Plan
Ankita Ashesh
About Ankita Ashesh

...

Articles by Ankita Ashesh »

Related Posts

  • Gorgon APT fractures India’s Industrial Backbone

    Gorgon APT targeting MSME sector in India

    August 10, 2020
  • Way Out of The MAZE: A Quick Guide For Defending Against Maze Ransomware

    May 21, 2020
  • The-need-for-businesses-to-empower-the-CISO

    Why do boards need to empower their CISO?

    October 22, 2019

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • Turn the Page: Cybersecurity Predictions for 2021 & beyond Turn the Page: Cybersecurity Predictions for 2021 & beyond February 18, 2021
  • The Data breach inferno burning big-ticket businesses The Data breach inferno burning big-ticket businesses February 5, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks Pharma Sector needs to streamline its insides to avoid cyberattacks February 12, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Businesses now worried about the surge in COVID-19 infodemic

    Businesses now worried about the surge in COVID-19 infodemic

    February 26, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (279) cyber security (25) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.