The techUK podcast: The Role of the CISO in a Digitally Transformed Organisation
In December 2021, techUK launched The Role of the CISO in a Digitally Transformed Organisation report, which looks at what CISOs should be doing to help ensure cyber security is recognised as a business enabler and a critical ingredient in helping their organisation to deliver on its digitalisation journey.
In this episode of the techUK podcast, we explore the topic further with our three expert guests – Paul D'Cruz, Security Solutions Leader at Microsoft UK, Jean-Christophe Gaillard, Managing Director of Corix Partners and Martin Borrett, IBM Distinguished Engineer and Technical Director at IBM Security. We also talk more about the problematic balancing act of the CISO function and take a closer look at some of the recommendations offered to tech company CISOs in the report.
The 7 recommendations made in The Role of the CISO in a Digitally Transformed Organisation are:
Recommendation 1: The CISO must help the Board to recognise cyber security as a business enabler, and a critical ingredient in helping the organisation to deliver on its digitalisation journey.
Recommendation 2: The CISO should look beyond the purely technical and focus on business risk management. The CISO must have, and embrace, wider business skills and knowledge to drive change across all business functions.
Recommendation 3: The CISO must be prepared for all types of crises: identify the principles that will guide you in decision-making – and test them.
Recommendation 4: The CISO should build a digital empathy system: use telemetry data from trends to understand how people are working in the system to improve experience and reduce risk.
Recommendation 5: Supercharge the human firewall: the CISO should sharpen security hygiene to encourage people to adopt digitally safe behaviours and be on their guard against cyber threats.
Recommendation 6: The CISO should build the case for investment in appropriate threat intelligence so that they are equipped to help their leadership teams understand the business problem in context and to support improved decision-making.
Recommendation 7: Diversity is a strength to be actively sought within the security team (and beyond). The CISO should help to hold their organisation to account on diversity and initiate conversations that provoke action to ensure a team that makes better decisions.
Listen now to hear from three of the key contributors to this important techUK report.
Download the full report, The Role of the CISO in a Digitally Transformed Organisation, here.