Establishing CISO priorities for the coming year
Mark Chaplin, the Principal of ISF, spends a significant part of his working life chatting to CISOs. His presentation, therefore, brought us insight into CISOs’ main objectives, which are to reduce the frequency of loss events AND reduce the financial loss from loss events. Essentially, “lose less, less often”. He discussed what their focus will be within the next 12 months, arguing the need to move away from firefighting, a term that I heard continuously throughout the two days from many delegates. How would they go about doing this? By focusing on the basics, and not getting distracted by the *coughs* “new” tech, e.g. Artificial Intelligence (AI). This need for simplicity is something we have found to be very popular in our campaigns, including our latest third-party risk back to basics webinar, which you can watch here, as well as our latest security feature with SC Magazine, which you can find here.
He also discussed the importance of identifying our crown jewels and how we should always consider the intellectual property in whatever we are doing. The other key focus I picked up on related to adopting a risk management mindset by putting the risks at the heart of what you do.
He outlined the benefits of risk management, which included improved governance, reduced costs, higher profits, operational efficiencies and the importance of trust, reputation and brand. These three key basics of focusing on IP, traditional tech and risk management could be a way for CISOs to finally step out of the fire. What do you think?