Although the cybersecurity risk landscape has always been dynamic, the shift to remote work during the pandemic further accelerated massive changes and affected how an enterprise focuses on risk and security services. In a pre-COVID survey by Harvard Business Review, survey respondents were asked what the CISO/cybersecurity leader’s principal responsibilities should be in the next three years. 63% responded that they wanted to build an organization-wide cybersecurity culture. 47% responded they wanted to work with the risk management function to integrate cyber risk with a broader risk strategy.
Digital transformation has been in most business leaders’ minds for a while, but this focus on cyber practices and cyber risk is relatively new. Historically, security operations center’s (SOC’s) have been responsible for monitoring and responding to risk and defending the enterprise against attack. At its core, a SOC system is a reactive approach to cybersecurity that waits for threats to appear before dealing with them, instead of anticipating where the threats will originate. The current SOC model also doesn’t support a way to effectively communicate threats or…