FINAL WORD
Changing rules of the game
Digital transformation and the evolving macroeconomic environment are setting the pace and expectations for enterprise business leaders . Cyber security decision makers need to follow the lead taken by their business counter parts and adapt their strategies to support and facilitate their success .
The underlying expectations from business that cyber security leaders need to support , also enabled by the various adopted digital platform include flexibility , autonomy , modularity and self-service , among others .
Internal blocks
It is important to identity the biggest internal blocks that are hindering the passage of implementation for modern security policies .
For example , identify the biggest critics of the cyber security team at the executive management level . List their entire expectations and work towards meeting those expectations or aligning with those expectations as a priority , wherever practical .
This will help to increase the support for the cyber security team ’ s performance at the executive level . It will also demonstrate to other business leaders of the cyber security team ’ s commitment to make progress and support business leaders and their functions .
Gartner research shows that 58 % of boards of directors expect to increase their risk appetite in between 2024 and 2025 , and 58 % see digital technology initiatives among their top five business priorities for the next two years .
However , stakeholder ’ s confidence in the ability of cybersecurity leaders to support these initiatives as a trusted partner is not assured . Gartner research shows that 47 % of CIOs see cybersecurity risk mitigation processes as a hindrance to digital execution .
Cyber security leaders are already struggling to keep up with existing technology and risk challenges . Finding the capacity to deliver higher volumes , at a faster pace , with greater flexibility for business , without more people or resources , looks impossible in the current conditions . Unless cyber security leaders and their teams relook at fundamentals .
Here are some recommendations to make headway in this direction .
Cyber security leaders must be seen as helping to trade off restrictive control measures in favour of business enablement , without creating additional risks or compromising on compliance and guidance . Cyber security leaders must be able to work with their business counterparts towards enablement of business rather than being viewed as control managers .
Programme champions
Identify motivated employees across the enterprises who can support and further communicate selected facets of the company ’ s security policies to the rest of the enterprise . They become advocates and ambassadors who can communicate the need and benefits of those specific aspects of the security policy to the rest of the enterprise .
While responsibility for security technology implementation does rest with the IT security team , evangelisation and championing the need for cyber security can be leveraged from outside the security department .
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 87