The Evolving Role of the CISO.

Author:Whitehead, Robin
Position::DATABASE AND NETWORK INTELLIGENCE: SECURITY VIEWPOINT - Chief information security officer
 
FREE EXCERPT

How digitalisation is bringing the fight to industrial security threats. Robin Whitehead, Boulting Technology.

It's a simple fact that data makes the modern economy turn. Being the first business to act on insights gained from pivotal pieces of information gives businesses a distinct competitive advantage. However, it's also quickly becoming a fact that the same data is being targeted by skilled cybercriminals intent on causing damage to infrastructure.

Here, Robin Whitehead, managing director of systems integrator Boulting Technology, explains how this is impacting the role of the chief information security officer (CISO) and resulting in the need for end-to-end digitalisation.

Sophisticated cyber attacks

With the world facing sophisticated attacks such as the likes of WannaCry, Petya and NotPetya in 2017, cyber threats are the biggest modern technological fear. Although sectors such as financial services are most at risk, there have also been numerous high-profile attacks on utilities, oil and gas and food manufacturing environments in recent years.

On 27 June 2017, confectionary manufacturer Cadbury was hit by a cyber attack, which halted production at its Hobart factory in Australia. Computers were infected with the Petya ransomware virus and displayed a message on the screen demanding payment in cryptocurrency.

Later that same day, NotPetya--a variant of the Petya virus--further damaged facilities across Europe. NotPetya exploits a backdoor in the update system of a Ukrainian tax-preparation programme running on Windows and used by around 80 per cent of all Ukrainian businesses.

The new CISO

It should come as no surprise then that the advice of IT and security experts is now being sought at the highest levels of business. The role of the chief information security officer (CISO) is also changing in response. Acting as the head of IT security, the CISO has traditionally been responsible for things like operational compliance and adherence to ISO standards as well as performing IT security risk assessments and ensuring that the business is using the latest technologies.

Increasingly, the CISO must also drive IT security and strategy, guiding everyone from the shop-floor staff to the most senior officials on how best to prevent cyberattacks. The modern CISO now takes a seat at the boardroom table, ensuring business continuity, come what may.

End-to-end digitalisation

For industrial businesses, this change cannot come soon enough. The...

To continue reading

REQUEST YOUR TRIAL