From Security Weekly Wiki
* [Profile of the Post-Pandemic CISO] - So how has the role of the CISO and security management changed in recent months? And what new responsibilities will CISOs be expected to keep in the pandemic's aftermath? Security experts share their insights.
** More Emphasis on Physical Security May Become the Norm
** A Focus on Mental Health Is Now Essential
** If They Weren't Before, CISOs Must Zero in on Business Strategy
** The Attack Surface Must be Redefined
* [5 Mistakes That Threaten Infrastructure Cybersecurity And Resilience] - With many IT budgets under scrutiny, cybersecurity teams are expected to do more with less, prioritizing spending that delivers the greatest ROI while avoiding the top five mistakes that threaten their infrastructures, including:
** No accountability for the company's crown jewels.
** Cybersecurity budgets aren’t revised for current threatscapes.
** Conflicts of interest when CISOs report to CIOs and the IT budget wins.
** The mistake of thinking cloud platforms’ Identity and Access Management (IAM) tools can secure an enterprise on their own.
* [Time to rethink business continuity and cyber security] - Business continuity and cyber security remain largely in separate silos, but changes in the IT and cyber threat landscapes mean there is an urgent need for organisations to alter their approach. To support a broader, recovery-focused, integrated and aligned approach to BCM and cyber security, organisations need to act in three key areas:
** Planning – Restructure BCM and cyber security teams to ensure greater integration and collaboration in terms of operations, processes, procedures, responsibilities, and technology investments.
** Technology – Plan for the worst in terms of detection, response, recovery and improvement of both security and continuity capabilities.
** Policy – Implement and enforce stringent privileged access management (PAM) controls to help enforce a policy of least privilege.
* [Remote working set to remain but so do management challenges] - According to a survey of 2,200 businesses globally, including 500 in the UK, by global recruitment firm Robert Walters, there is a mixed signal on remote vs. onsite workforce plans...
** 49% of UK companies are currently planning how to return staff to offices. Almost half (49%) are planning a staggered return to the office for their workforces based on health risks, and 46% based on how critical their roles are.
** 87% of employees said they would like more opportunities to work from home after they return to the workplace, and 21% said they would like to work from home permanently.
** But business concerns might mean this is not possible, with a total of 64% concerned over employee productivity and 57% of senior leadership preferring traditional ways of working.
* [Protecting Remote Workers’ Productivity and Performance] - What do we need to watch out for to preserve the health and viability of our remote employees?
** Beware Virtual Distance, including physical distance; operational distance, including such conditions as poor internet connections and technical problems; and affinity distance that prevents deeper connections from developing.
** Make Personal Connections, with supervisors and colleagues especially investing time in getting to know more about each other.
* [10 essential negotiation tactics CISOs should know] - CISOs are constantly in negotiations, whether it’s to draw up vendor contracts, develop strategy with C-suite colleagues or draft workplace requirements with newly hired direct reports. Here are 10 tactics to help you with these negotiations:
** Recognize it’s a negotiation, not a debate
** Build trust
** Envision what you want
** Discern the other side’s needs
** Prepare
** Put aside assumptions, learn to listen
** Trade against your logic
** Think through different potential scenarios
** Keep emotions in check
** Don’t aim to win

