Shipping companies hire captains to get cargo from Point A to Point B. The captain is expected to deliver the cargo safely and efficiently. The captain has a number of tools at his disposal including a ship, a crew, a map, and a lot of trust, to ensure success. Naturally, the captain’s success depends on the quality of the tools as well as the conditions of the waterway. The best captain in the world won’t succeed unless his boat is seaworthy, his maps are accurate, and his crew is experienced. This should sound pretty familiar for CISOs. When a CISO starts a new job, she naturally wants to build a cybersecurity program of which she and her employer can be proud. But her success depends largely on the tools she has, including people, tools, and processes. If her new company is small or recently established, she will start from scratch. If however her company is established, has a dedicated team and a history of cybersecurity execution and achievement, she will have less heavy lifting to do. Ultimately, the more mature the cybersecurity program, the more equipped CISOs are to achieve their cybersecurity goals. So the faster you get programs and processes in place, the faster you drive down risk, achieve your goals, and impress your boss.
CISO St. recently interviewed Bryan Kissinger, CISO for Trace3 and author of “The Business Minded CISO.” In this video, Bryan discusses the need for CISOs to evaluate their tools upon starting a new role.