- Category: August 2015 - Security
"An effective CISO can no longer rely on his or her technical expertise alone. They must understand how strategic initiatives create risks and develop security programs that balance the need to drive business performance with the growing realities and complexities of protecting customers, intellectual property, and brand", explains Ed Powers, principal, Deloitte & Touche LLP and U.S. leader of cyber risk services.
The expert puts it perfectly in a nutshell what this is all about. Now, the firm developed the CISO Transition Lab that intends to help accelerate a CISO's performance. Deloitte clearly recognized the growing challenges CISOs are confronted with, stating “faced with escalating cyber threats and increasingly complex regulatory mandates, chief information security officers (CISOs) are experiencing growing pressure to protect critical information and infrastructure assets, while also embracing strategic business initiatives to integrate a comprehensive enterprise approach to cybersecurity.
Findings from the company’s CISO Transition Lab reveal that the highest priority for 77% of Lab participants is to promote better integration of business and information security strategies, followed by improvement of data governance and protection. Improvements in the areas of security program governance and talent management are also named as key priorities.
Besides all that, the Cyber Risk Services CISO Transition Lab defines the four faces/roles of the CISO (seen image below): Strategist, Advisor, Technologist and Guardian.
On average, the Lab findings indicate that today’s CISOs spend 77% of their time as "technologists" and "guardians" on technical aspects of their positions, and that they would like to reduce this investment to 35%. This demonstrates a recognizable shift in their desire to place greater emphasis on the "strategist" and "advisor" functions.
Deloitte's CISO Transition Lab continues to generate insights and highlights patterns in CISO priorities that are of great interest to all those who try to protect and push ahead with their business ventures.