Can you blame the CISO who wants to quash any tool, system, or process that invites risk into the organization? CISOs face embarrassing data breaches and unceremonious terminations when employees connect unauthorized devices and applications to the network, leave unlocked computers unattended, or engage in other risky behavior. But what happens when business units want to buy new software or move data to the cloud? These investments carry meaningful risk but they also create efficiencies and lower costs. What are a CISO’s options? Until CISOs become revenue generators rather than cost centers, they must help the business grow. How? Partner with business units to ensure their investments and activities meet their needs as well as protect the organization. Give employees a say in developing security processes. In essence, be a team player.
CISO Street recently moderated a CISO panel in Dallas and asked panelists about their perspectives on several cybersecurity issues and trends. In this video, Eric Ballantyne, Chief Risk Officer and CISO at General Datatech, and Chris Gathright, CTO at Sentinel IPS, discuss the challenges behind managing and mitigating third party risk.