As a former CISO, I have to say it -
Stop blaming your CISO every time there’s a data breach!
While the CISO plays a huge role and is responsible for identifying risks and implementing systems to tackle them, their influence only goes so far.
The CISO will identify and surface risks to leadership falling into 2 categories:1. Risks the security team can solve directly2. Risks that exist in other parts of the businessThe CISO does not have unilateral authority for decisions outside their department. If a potential risk is found due to activity in another area of the business, they can only advise on the proper course of action. Risk ranking, management, and responsibility are crucial. But, if leadership understands and decides not to follow through with their recommendation, then it’s out of the CISO’s hands.
This is the classic “accepted business risk.”
Strategic risk decisions are core to business success and the CISO can help your business succeed and embrace risk responsibility, but you can’t have your cake and eat it too. If you choose to ignore security, you have to own the outcome - for better or worse.
Fill in some contact info below or schedule a meeting so we can reach out to provide more details on how Altitude Networks can protect you from data loss in the cloud.