Does the CISO role need to be formalised?
Security

Does the CISO role need to be formalised?

Jason Hart, CTO of Gemalto, is on a mission. He wants to formalise the role of CISO. “If I want to be a CFO I need various qualifications,” he explains over the phone. “If I want to be a CISO that isn’t the case.” He believes the role of CISO should be formalised – like an accountant – with mandatory regulations and training. “This doesn’t need to be complicated,” he stresses. “The simpler it is the better.”

The position of CISO is a difficult one though. The business importance of this individual has changed rapidly over the last few years and some see the position as a classic short-term fall guy – ready to be fired with the first breach. Hart says to do the job well you need someone geeky, good with people and good with business processes. “The dynamics of a CEO, if you like.”

“I was an ethical hacker,” he adds “and every successful breach came down to understanding the business process and understanding the level of risk.” He believes this means that while being technically savvy is a useful skill for CISOs to have, the most important thing is to understand business processes. “If you come from a non-technical background [you might be better at] engaging the board members.”

It is the fluidity that comes with the role, however, that many individuals see as a challenge to regulation. Ian Platt, Co-founder and President of Bromium tells me, when I meet him in London, that he thinks “as an industry we’re too early for this”.

“A lot of policy is wrong,” he says “offering the example that 95% of contracts [specifically state you must run anti-virus on every machine.” 

To continue reading...


Please login or register to view your article. If you do not have or do not remember your password, please click on the “Forgotten your password?” link at the bottom.
If you do not yet have a password but are an existing user, please use the “Forgotten your password?

PREVIOUS ARTICLE

«How technology will help Latin America to feed the world

NEXT ARTICLE

What is the impact of Africa’s (many) internet shutdowns? »
author_image
Kathryn Cave

Editor at IDG Connect

  • twt
  • twt
  • Mail

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Will Kotlin overtake Java as the most popular Android programming language in 2018?