How do you get the business to care about security, instead of viewing it as a roadblock?


76 views1 Upvote1 Comment

Assistant Director IT Auditor in Education, 10,001+ employees
A very good question and always challenging for the CISO and CIO. I was fortunate to work for one of the best run company (in my opinion), early in my career and it was one of the biggest challenges the CISO had to deal with. The CISO was a very very smart guy, and he went (discretely) to the Chief Audit Executive and provided with a list of security audits he thinks would help the organization. Needless, to say a bunch of security audits were put on the audit plan. The results were beneficial to his department, the findings were absence of policies, lack of security compliance with best practices and  enforcement.  This gave him the tools he needs to force the business to follow policies and enforcing them. But it is always a challenge, and it depends also on the organization. IT auditors should be the CISO best ally, use them to poke around the security posture and find the issues before it is too late.

Content you might like

Visionary32%

Communication skills60%

Empathy58%

Accountability48%

Decision-making skills42%

Adaptability25%

Integrity29%

Team-building16%


149 PARTICIPANTS

2.6k views

Founder, Self-employed
Work travel is a privilege. Embracing your experience to meet new people, and see the beauty of nature and culture wherever you go.
Read More Comments
76.5k views71 Upvotes43 Comments

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
44.1k views132 Upvotes320 Comments

Autocratic5%

Transformational43%

Servant15%

Laissez-faire6%

Democratic8%

Coaching20%

Others3%


152 PARTICIPANTS

3.2k views1 Upvote1 Comment