Industry Calls for Standardization of CISO Role

Professionals from the cybersecurity industry have called for clarity regarding the role of Chief Information Security Officers (CISOs).





Research from Cyber Security Connect UK (CSCUK), a forum for cybersecurity professionals, has stated that CISOs are being pulled into job requirements outside their jurisdiction and that there is a lack of transparency about the responsibilities of cybersecurity teams within UK businesses of all sizes.





The research also pointed to a lack of skilled, fully qualified professionals coming into the profession.





Mark Walmsley, the chair of the CSCUK steering committee and CISO at Freshfields Bruckhaus Deringer, said: “It is no longer a case of if a cyber-attack will occur but more appropriately, when. In addition, these attacks are increasingly becoming more complex and intelligent. With this in mind, a company’s best defense against such events is a dedicated person to lead the fight against cyber-attacks.”





Not only does this person need to be qualified, Walmsley added, they must also be dedicated to the cause, have access to information and budgets that allow them to carry out their job and be able to constantly and consistently upskill to keep up with the fast-paced, ever-changing nature of the cybersecurity landscape.





“While it is true that the varying size, financial situation and purpose of a business may affect the role of the CISO or even the requirement for such a person at all, where they are in operation, clear parameters need to be set. Only with standardization and guidance can the role be fully effective. As further digitization of proces ..
