ciso
Security

Does the CISO role need to be formalised?

Jason Hart, CTO of Gemalto, is on a mission. He wants to formalise the role of CISO. “If I want to be a CFO I need various qualifications,” he explains over the phone. “If I want to be a CISO that isn’t the case.” He believes the role of CISO should be formalised – like an accountant – with mandatory regulations and training. “This doesn’t need to be complicated,” he stresses. “The simpler it is the better.”

The position of CISO is a difficult one though. The business importance of this individual has changed rapidly over the last few years and some see the position as a classic short-term fall guy – ready to be fired with the first breach. Hart says to do the job well you need someone geeky, good with people and good with business processes. “The dynamics of a CEO, if you like.”

“I was an ethical hacker,” he adds “and every successful breach came down to understanding the business process and understanding the level of risk.” He believes this means that while being technically savvy is a useful skill for CISOs to have, the most important thing is to understand business processes. “If you come from a non-technical background [you might be better at] engaging the board members.”

It is the fluidity that comes with the role, however, that many individuals see as a challenge to regulation. Ian Platt, Co-founder and President of Bromium tells me, when I meet him in London, that he thinks “as an industry we’re too early for this”.

“A lot of policy is wrong,” he says “offering the example that 95% of contracts [specifically state you must run anti-virus on every machine.” 

To continue reading...


PREVIOUS ARTICLE

« AI has its place in business, just don't believe the hype

NEXT ARTICLE

Is China starting to trump US tech industry on innovation? »

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?