Showcasing CISOs to allow them to share their story, leadership experience, challenges, and goals, has always been our priority with Feats of Strength magazine. After three years, we’ve spent more than 100 hours interviewing 100 CISOs. We consider this to be a major milestone for K logix and for the CISOs who participate in our profiles and forums.
This milestone sparked us to commission a study to take these 100+ hours of interviews and extract key trends. Our goal is to share the results with our security leadership community and help make an impact on their programs.
Two main CISO goals emerged as top priorities, these include:
- Security closely aligned with business goals
- Security to be considered a competitive advantage
We also identified the major challenges facing CISOs. These include:
- Security’s role in an organization’s digital transformation
- Managing the noise that comes from vendors and the industry
- Solving the staffing shortage
All three of these challenges are major points of interest for the CISO community. As a result, these topics drive a lot of our focus and consideration. We dedicate this issue of Feats of Strength to understanding the CISO’s role in addressing how digital transformation impacts their organizations.
DIGITAL TRANSFORMATION IS THE CISOS GREATEST OPPORTUNITY YET
We believe digital transformation presents a great opportunity for CISOs to accomplish their two major goals – aligning security with business goals and making security a competitive advantage.
Historically, security was layered on top of already established processes within an organization, without much consideration. This resulted in resistance to the presence and impact of information security including uncertainty of increasing time to value, disrupting productivity and experiencing downtime.
Now, digital transformation is impacting organizations, and security has a key opportunity to be part of strategic discussions as solutions move to the cloud. The new standard for security to be built in from the start demonstrates a fundamental shift taking place.
Securing the cloud is hard work, and it requires a different knowledge set. In the article “Cloud Control” we learn how CISOs and their teams are evolving to address the cloud. Anthony Siravo, the CISO of Lifespan says, “There is a fundamental difference between traditional on-premise engineering and cloud-based engineering. Controls change and lines of responsibility change, and our team needs to be able to adapt to that.”
Barry Abramovitz, the CIO of Liberty Bank, is excited about how the cloud may enable dramatic digital transformation and innovation. He says, “The cloud has enabled a rapid pace of spectacular innovation. I believe that the cloud’s impact on innovation is more dramatic than the cost-savings benefits of the cloud. But some of the most dramatic innovators do not have the best security, so we need to find a balance.”
While the cloud may present more work for CISOs, they now have the opportunity to stake out a leadership position and proactive approach. They have an opportunity to build secure solutions from the beginning and prove how security should be a business enabler. CISOs may decrease time to value for secure solutions and increase security efficacy.
ALIGN SECURITY WITH BUSINESS GOALS
In this issue we profile a number of terrific CISOs, including David Hahn, the CISO of Hearst Corporation. Hearst Corporation exemplifies an organization that has fully embraced digital transformation, with Hahn’s security program at the forefront of business. He says, “Business strategy sets what you need to get done. Hearst went through a real transformation to become a digital company. As a result of the transformation we face new threats that make security a much bigger priority. We need to protect our data while operating without disruption.”
MAKE SECURITY A COMPETITIVE ADVANTAGE
The advent of the digital transformation will have another benefit for CISOs. Today, consumers and customers are more aware of the need for security and privacy. Security-aware customers want to engage with organizations that provide secure digital solutions. For the first time, security can be a core differentiator, and it may be a valuable selling point for businesses. Importantly, security may only be a competitive advantage when solutions are built with the customer’s security in mind. This needs to be articulated to senior leaders who are bullish on the cloud.
Ravi Thatavarthy, CISO of iRobot, shares key insight about the pros and cons of the cloud in this issue. He understands how the cloud supports digital transformations that are valuable to his company and customers. He also knows the importance of his job in protecting the company and client data. He has a tight grasp on the realities of security in the cloud, and as a result he is influencing strategic direction at the highest level. Ravi explains that if senior leadership believes a move to the cloud makes strategic business sense, he needs to be there ensuring security. He says security requires shared responsibility between the company and the cloud vendor. “It is very important to make time to understand exactly what the [cloud vendor’s] contract includes.”
Conversations about digital transformation are happening in nearly every organization. By participating in the discussion and elevating security to the strategic level, CISOs align with business goals and create competitive advantage.
Digital transformation is the next great opportunity for CISOs to truly be part of strategic, impactful discussions and decisions.
Subscribe
Stay up to date with cyber security trends and more