Andrew Smith, Kyocera’s CISO, explains how businesses can secure themselves against external threats and keep their digital assets and data safe
Chief Informational Security Officers (CISOs) have been a staple of C-suite management teams in recent years, with cyber threats and cyber-readiness becoming a dominant theme for many businesses.
In a market where cost is critical, some businesses will naturally decide there is no option but to remove or avoid hiring for the CISO role. In other cases, the company could be a cash-strapped startup with only a few full-time employees, but that doesn’t negate potential cyber-risks that can threaten any business.
If a business is going to forgo a dedicated team member for cybersecurity, then Andrew Smith, CISO for Kyocera Cyber (Part of the Kyocera UK Group) shares how to prepare a business against digital threats and help protect assets. Smith explains:
“To ensure risk is managed, and digital assets are protected, businesses should consider their existing frameworks, governance, and control models. With proven frameworks and models embedded, there is more chance that the continuation of these controls will provide some level of risk management and stability.”
To ensure digital strategy matches the business goals, there’s an essential checklist businesses can follow in the absence of a CISO:
-
- Understand how the digital strategy fits the overall business strategy and underline the dependencies and interconnections.
- Put together a comprehensive database of what market data and insights the company’s digital strategy is based on. This ensures a business is only using relevant and trusted data to inform business strategy
- Understand the scope for execution beyond the traditional roles of a CISO. For example, do the resources in middle management exist to execute a plan if provided to them by an outgoing CISO or outsourcing company?
Smith continues, “If the chosen path is to outsource, companies should strongly consider how they are ensuring governance, control, and best-in-breed advice for their preferred supplier. Does the outsource supplier have the transparency to enable these controls to be owned by other C-suite members? With the path to finding the right talent becoming increasingly complex, there is a space for outsourcing if you believe transparency and control can be achieved alongside true partnership that enables the business to achieve the transformation to remain relevant.”
The path to finding the right talent is becoming increasingly complex, especially in the current economic climate. However, there is a valid space for outsourcing if the C-suite believes transparency and control can be achieved within a trusted partnership model. One that enables businesses undergoing digital transformation projects to remain relevant, and become more resilient by protecting their data and digital assets from risk in an ever challenging threat landscape.
