How do you get the business to care about security, instead of viewing it as a roadblock?
Assistant Director IT Auditor in Education, 10,001+ employees
A very good question and always challenging for the CISO and CIO. I was fortunate to work for one of the best run company (in my opinion), early in my career and it was one of the biggest challenges the CISO had to deal with. The CISO was a very very smart guy, and he went (discretely) to the Chief Audit Executive and provided with a list of security audits he thinks would help the organization. Needless, to say a bunch of security audits were put on the audit plan. The results were beneficial to his department, the findings were absence of policies, lack of security compliance with best practices and enforcement. This gave him the tools he needs to force the business to follow policies and enforcing them. But it is always a challenge, and it depends also on the organization. IT auditors should be the CISO best ally, use them to poke around the security posture and find the issues before it is too late.Content you might like
Visionary32%
Communication skills60%
Empathy58%
Accountability48%
Decision-making skills42%
Adaptability25%
Integrity29%
Team-building16%
149 PARTICIPANTS
Founder, Self-employed
Work travel is a privilege. Embracing your experience to meet new people, and see the beauty of nature and culture wherever you go.CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.Autocratic5%
Transformational43%
Servant15%
Laissez-faire6%
Democratic8%
Coaching20%
Others3%
152 PARTICIPANTS