Cybersecurity is a concern across the industries, as per former White House CIO and CEO Theresa Payton. In fact, a recent World Economic Forum study suggests that it is the topmost concern for all executives. In this article at Enterprisers Project, Stephanie Overby comes up with a CIO to-do list for this year’s cybersecurity plan.
CIO and Cybersecurity
Payton further adds that along with encountering similar attacks, hackers are exploring new avenues. Cryptocurrency mining and stealing data from IoT devices are becoming popular. A CIO must thereby be wary of the new types of attacks. Following are the to-do list for this year’s cybersecurity plan:
- Being Proactive About the Cybersecurity Drill: Not only should the CIO have a backup plan prepared, but it should also undergo rigorous testing regularly. Go through the communication channels and partners in terms of forensics, security, law, and crisis.
- Staying on Top of the Cybersecurity News: As a CIO, you must constantly be on the lookout for cyber news released by DHS and FBI. The national hackers can also attack the private companies. So, you should not only plan and educate the workforce but also attend conferences and read up social media articles. TED talks, RSA and Black Hat seminars, NIST framework, The Center for Internet Security controls, and GDPR provide free information.
- Linking Cybersecurity Plans with Corporate Strategy: CIOs should start thinking about how the cybersecurity attacks affect businesses and plan accordingly. These attacks can be threatening in terms of technology as well as your brand reputation.
- Considering the Human Factor: There will be non-technical employees that would respond to the phishing emails, use the same passwords, and utilize free WiFi. A CIO must keep this in consideration while preparing for the cybersecurity plan.
- Physical Security Being as Important as the Virtual Ones: With companies introducing smart devices, the cyber threat is soon to become a physical one. The CIO must also keep a tab on the physical security of the company for a well-rounded prevention plan.
- Sharing Attack Information to Safeguard the Future: As a CIO, revealing that your company is under security attack can embarrass you. However, Payton opines sharing information and coming up with a solution is a laudable act.
- Being Unconventionally Talented: Companies usually look for talents in known premises with traditional degrees. Bring in diversity and search for candidates with
problem-solvingaptitude to tap into their innovative minds. Degrees do not create curiosity, so you can train these talents by feeding their creativity.
To view the original article in full, visit the following link: https://enterprisersproject.com/article/2018/12/8-security-dos-cios-2019