






4. Little awareness or appreciation of what effective cyber security requires.

Most people think that all they need is to install an anti-virus, and they're all set to call it a day. That
may have been true decades ago, but that's no longer the case today. Attackers are becoming more
sophisticated, and the tools they use are becoming harder to detect. A CISO, whose primary
responsibility is to discover any inconsistencies in their company's online landscape, is required to
ensure that your business is on top of things, and that there is minimal to no disruption in your
business operations in the event of an attack.

They will also be in charge of providing adequate training and information dissemination programs,
which make sure everyone in the company understands what they can do to keep their data and
information intact.


5. You need to be compliant, but don't know where or how to start.

In response to increasing security risks, governments and other institutions have enforced
standards and compliance requirements to ensure that security is prioritized in various businesses.
In most cases, you need to be fully compliant before you can begin operations.

A virtual CISO would have the expertise to know the steps you need to take to receive adequate
certification, and they'd be the go-to people you can consult for any updates within the industry.

Cyber-security is a holistic pursuit that can't be relegated only to the IT team. It is a real threat that
will have a far-reaching effect throughout your organization, and as such everyone must be
involved; it needs to be a concerted effort where relevant departments actively contribute to the goal
of better security.

You will need one person to be in charge of this concerted effort, and that person is a CISO (or in
some cases, a virtual CISO). He or she will see to it that the goal of adequate security is met and
that accountabilities are crystal clear—without getting lost in other equally pressing agendas
prioritized by other departments.


About the Author

Vladimir de Ramos has been in the IT industry for more than 22 years with focus
on IT Management, Infrastructure Design and IT Security. Outside the field, he
is a professional business and life coach, a teacher and a change manager.
He is also a certified information security professional, a certified ethical hacker
& forensics investigator and a certified information systems auditor.

Check out Vlad's IT community here: http://www.aim.ph/







34 Cyber Warnings E-Magazine – October 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
