Teleworking has led to a surge in cyber threats. The latest ENISA (European Union Agency for Cybersecurity) report lists the eight most frequent in 2022: ransomware, malware, social engineering, data threats, availability threats (denial of service), internet availability threats, misinformation/misuse of information and supply chain attacks.
Because of this increase, in 2022, 62% of companies in Spain invested more budget to strengthen both teams and equipment and solutions in this area, according to a study by Deloitte. In line with this rise in cybersecurity, the role of the people responsible for protecting devices and information from threats and attacks has gained relevance. In the parade of management positions and acronyms (CEO, CIO, CFO…, a group known as the C-suite), the position of CISO (Chief Information Security Officer), also known as CSO or vice president of security, is the top security officer: he or she is responsible for defining and executing the overall IT security strategy.
While the role of a Chief Information Security Officer will vary between organisations, as a senior executive he or she oversees everything related to technology risk, from management to incident response, forensics to remote workforce protection. Your role is crucial to the organisation and you interact with senior management to keep them up to date on incidents, cyber trends, ROI and many other issues through reporting.
This is a person with great communication skills, as he/she has to explain complex concepts to the other executives, and is a bridge between them and the engineers. He or she must advise them so that they can make the best decisions based on this information and know how to show them the value of the company’s data. Thus, CISOs are always informed of the latest research in cybersecurity in order to be able to make recommendations on the strategy to be followed by the company in this area.
In the event of an attack on the company, it is up to the CISO to indicate how to proceed and initiate the recovery process in order to minimise damage and economic losses. He or she works together with the CIO (chief information officer) and they share responsibilities, such as ensuring the security of an organisation and protecting its assets, to integrate infrastructures such as firewalls, backups, data access control… The difference between the two lies in the fact that the CIO’s objective is to provide services to facilitate productivity (they seek efficiency), while the CISO focuses on compliance with security practices, to provide them in a secure way. In line with the times and technological changes, the role of the CISO has evolved over the years from a profile associated with technical risk to a business driver.
Roles and responsibilities of a CISO
A CISO usually works in large companies. Individuals in this role are also responsible for recruiting security professionals to build teams to develop and implement strategic plans.
These are some of the most common roles and responsibilities of a Chief Information Security Officer:
- Develop and implement secure processes and systems to protect against and mitigate cyber-attacks.
- They perform real-time analysis of threats and incidents in order to react quickly to neutralise and eliminate them. Continuously assess security by periodically simulating attacks.
- Obtain cybersecurity reports on risks, trends, strategies, etc. to update other executives.
- They design disaster recovery plans to know how to act when disaster strikes.
- Conduct forensic analysis and investigations to find out how the attack happened in order to prevent further incidents.
- They train or educate other employees on security best practices. At the same time, they create a culture of security throughout the organisation. Establish a structure that maximises collaboration between departments.
- As cybersecurity is constantly changing, they develop a continuous learning process necessary to be aware of new digital threats and how to identify them, as well as updates to security standards and regulations. This requires them to be proactive in identifying and mitigating risks.
- They must have a solid understanding of the company’s operations and business objectives to align cybersecurity with business strategy.
In addition to a strong technical background (with relevant certifications, such as CISSP or CISM), the CISO job requires attributes or soft skills, such as strategic thinking, excellent communication, the ability to work (and remain calm) under pressure, and strong leadership, analytical and problem-solving skills.
Increasingly, the CISO is turning to artificial intelligence and machine learning to protect and defend the enterprise. At the same time, they deal with the most powerful vulnerabilities and attacks (malware software, sending phishing emails, impersonating a person…) that this same technology facilitates for cybercriminals.