Security leaders must understand metrics as critical tools to explain how security services support the organisation and its strategic objectives, writes Gary Hayslip, global CISO, Webroot.
Today, we witness an increasing number of cyber incidents across all industry domains. Boards of directors and senior management are educating themselves on their organisation’s risk exposure to these cyber-related issues. Boards also are seeking a better understanding of the potential for cybersecurity initiatives to enhance their company’s strategic operations. Many board members have questions for their security staff such as, “How secure are we from a particular threat?” or “Can you promise me we won’t be the next [hacked company]?” Security professionals need to be able to answer these questions and help board members understand that cybersecurity does not control the threat landscape facing the company. Instead, the purpose of a mature cybersecurity programme is to provide the business with a platform to manage its risk environment.
A company’s senior management is often responsible for the development of a clear, concise strategy to address threats and vulnerabilities to cyber attacks. The chief information security officer (CISO) is expected to have technologies and security controls in place that reduce the organisation’s risk, as well as processes to monitor the effectiveness of the security programme. It is standard best practice to use a risk management framework, such as NIST CSF, ISO 27001 or COBIT 5, as a platform to establish the current risk baseline. With this platform, selected metrics are chosen as real-time measuring devices to provide visibility into the value being provided to the company.
This story is from the March 2018 edition of Security Advisor Middle East.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 8,500+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the March 2018 edition of Security Advisor Middle East.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 8,500+ magazines and newspapers.
Already a subscriber? Sign In
KASPERSKY SHEDS LIGHT ON THE RANSOMWARE ECOSYSTEM
Ransomware is on the tip of everyone’s tongue every time businesses discuss cyber threats they are likely to face in 2021.
GAJSHIELD: ENABLING CONTEXTUAL VISIBILITY FOR OPTIMUM DATA PROTECTION
HARRISON ALBERT, REGIONAL DIRECTOR, D-LINK MIDDLE EAST AND AFRICA, TELLS SECURITY ADVISOR MIDDLE EAST HOW GAJSHIELD’S CONTEXT-BASED APPROACH TO SECURITY HELPS ORGANISATIONS FIND ANOMALIES, REDUCE FALSE ALARM AND PREVENT INTENTIONAL & UNINTENTIONAL DATA EXPLOITATION.
THALES ANNOUNCES NEW SOLUTIONS TO HELP OGANISATIONS DISCOVER, PROTECT AND CONTROL SENSITIVE DATA IN MULTICLOUD ENVIRONMENTS
THALES HAS ANNOUNCED NEW DATA PROTECTION SOLUTIONS FOR GOOGLE CLOUD, MICROSOFT AZURE, AND AMAZON WEB SERVICES, SOLIDIFYING ITS ROLE AS A TRUSTED THIRD PARTY FOR MULTI-CLOUD DATA SECURITY.
RANSOMWARE RECOVERY COST FOR UAE IN 2021 IS $517,961: SOPHOS SURVEY
THE SURVEY POLLED 5,400 IT DECISION MAKERS IN MID-SIZED ORGANISATIONS IN 30 COUNTRIES ACROSS EUROPE, THE AMERICAS, ASIA-PACIFIC & CENTRAL ASIA, THE MIDDLE EAST, AND AFRICA.
OVERCOMING THE CYBER-PANDEMIC
ABHIJIT MAHADIK, DIRECTOR, CYBERSECURITY & INFRASTRUCTURE – UAE & KSA, RAQMIYAT SPEAKS TO SAME ABOUT THE EVOLVING CYBERSECURITY LANDSCAPE, THE THREATS ORGANISATIONS NEED TO WATCH OUT FOR AND HOW THE SECURITY PRIORITIES OF ORGANISATIONS HAVE SHIFTED SINCE THE PANDEMIC LAST YEAR.
FORTINET: MAKING A MARK @ GISEC
ALAIN PENEL, REGIONAL VICE-PRESIDENT, MIDDLE EAST & PAKISTAN AT FORTINET, EXPLAINS WHAT IT MEANS TO BE A PART OF GISEC THIS YEAR AND HOW FORTINET’S CUTTING-EDGE SOLUTIONS CONTINUE TO PROVIDE MAXIMUM PROTECTION AGAINST CYBERTHREATS AND ATTACKS.
ANATOMY OF AN OT ATTACK
MAHER JADALLAH, SENIOR DIRECTOR - MIDDLE EAST & NORTH AFRICA AT TENABLE, DISCUSSES HOW, INSTEAD OF DEFENDING AGAINST AN ATTACK IN PROGRESS, A MORE SUSTAINABLE APPROACH WOULD BE ONE OF PREVENTION – OF ORGANISATIONS DOING A BETTER JOB OF UNDERSTANDING THEIR SYSTEMS, WHERE AND HOW THOSE SYSTEMS MAY BE EXPOSED, AND PRIORITISING THE THINGS THEY NEED TO PROTECT THESE SYSTEMS.
MICRO FOCUS: OFFERING DRAMA-FREE IT WITH OPTIC
TOUFIC DERBASS, MANAGING DIRECTOR MICRO FOCUS MIDDLE EAST & AFRICA, DISCUSSES HOW THE LATEST IT PLATFORM FROM MICRO FOCUS OFFERS UNIFIED INTERFACE AND & EXPANDED INTEGRATION CAPABILITIES.
COPING WITH THE NEW NORMAL
HUSNI HAMMOUD, MANAGING DIRECTOR - ESET ME, BARRACUDA NETWORKS, IVANTI (PART OF MIDIS GROUP), TELLS SECURITY ADVISOR HOW THE CHALLENGES OF THE LAST ONE YEAR HAVE CHANGED THE BUSINESS LANDSCAPE AND HOW ORGANISATIONS ARE NAVIGATING NEW TRENDS.
AN IN-DEPTH DEFENCE STRATEGY
WERNO GEVERS, REGIONAL MANAGER, MIMECAST MIDDLE EAST, DISCUSSES HOW WHEN IT COMES TO EMAIL SECURITY, IT IS NECESSARY FOR SECURITY PROFESSIONALS TO EVOLVE FROM A PERIMETER-BASED DISCIPLINE TO A MORE PERVASIVE ONE.