Any period of destabilization in an increasingly connected, data-driven world can have unanticipated effects on organizations, regardless of where they are based or operate. If firms are to stay resilient in difficult times, the CISO’s role as a vital ally, advisor, and subject matter expert remains crucial.
The COVID-19 situation has wreaked havoc on Chief Information Security Officers (CISOs) more than on anybody else. The worldwide pandemic has hastened the move to remote working arrangements, and although many people have embraced the option to work remotely, it has also brought with it a slew of security concerns. Protecting the corporate network is no longer enough; every employee’s home now provides a new entry point for potential cyber-attacks.
So, what should the CISO do when a security issue occurs (which will undoubtedly happen), to demonstrate meaningful value to the company? Here are a few actions that CISOs may take to go from reactive to proactive mode and increase their organization’s ability to respond to threats.
Continue to keep an eye on the issue and report on it
CISOs must ensure that the company has access to real-time intelligence updates and a constant picture of the threat landscape. This does not have to mean a glut of information. Instead, CISOs should convey a manageable amount of situational awareness without diluting the value of the message. Risks should be communicated in order of importance. CISOs need to highlight the efforts that have already been made to reduce identified risks, and concentrate on the risks that are still awaiting executive action.
Use the right terminology for the target audience
CISOs must always offer context and terminology that suit the audience, avoiding technical jargon. They should extend the analysis of the danger to include the threats to the company’s objectives. In addition, they must avoid employing FUD (fear, uncertainty, doubt) tactics to shock parties into action, and must not use the situation to push their own agenda.
Problems and challenges should always be accompanied by solutions or the chance to ‘address the problem’ together.
Pay special attention to the resiliency of high-risk assets
CISOs need to identify and prioritize the essential assets, resources, networks, and suppliers that are in danger of being disrupted. They must work with the individual owners within the company to define responsibilities for reducing high-risk areas. Business cases (what alternatives are available, what the best strategy is, why the proposed approach makes sense, and what value it will provide to the organization) should be used to support the narrative, as should budget and resource requirements. CISOs must also work closely with diverse teams to provide them with tools, training, and resources while keeping each team’s culture and security maturity in mind.
Prepare the company for incident response
Businesses should be prepared and able to act quickly in the event of an interruption or disaster. Rehearsing current response plans with senior executives and key stakeholders, and fine-tuning them if required, is always a smart idea. Incident response plans must cover a variety of scenarios as well as the critical steps to be taken in the event of a disruption. A specific chain of command must also be included in the plan so that the organization can quickly transition into response mode when necessary.