Cyber security becomes more complex, more expensive and more frustrating year on year. The threat landscape is changing too fast. The data management and privacy compliance demands are onerous and expensive. The business risks are too high. Companies can simply no longer place the burden of cyber security and cyber resilience on an IT Manager; yet few can afford the high level and high cost of skills associated with a Chief Information Security Officer (CISO).
Indeed, how many CISOs can truly offer the depth and breadth of skills and expertise required, from technical and management system qualifications to practical cyber security business experience around people, process and technology, as well as the legal understanding required to ensure breaches are managed according to compliance processes?
With a now urgent requirement to reconsider cyber security, to evolve towards a cyber resilience model and effectively map cyber security to a business’ risk appetite, a process that requires close and continued board level discussion and evaluation, a change is required. Alan Calder, Chief Executive of GRC International plc, parent company IT Governance, outlines the…
