Attending a breakfast seminar on cyber trends it was reviewed that CISO roles may change from champion roles into coach based roles. No longer are the CISO's of a company expected to be the internal security champion, but instead they will be empowering other security team members with tools to achieve company objectives.
The discussion was made that CISO’s perhaps might have less of an executive focus than originally thought and with that, it was reviewed how Cyber & Security are now maturing into 2 separate ontologies. To say, Cyber focuses on assurance elements, whilst Security focuses on build-by design elements. This might have merit for Security Analysts to focus on malware , mitigation or detection whilst architects focus on security by design.
IoT was touched on to mention that if every individual within an organisation is owning more than one device then a cloud solutions ability to scale to provide elastic services will likely be the approved method of infrastructure. With that, the CISO role will perhaps be made easier as cloud is already an accepted board level strategy in most enterprise environments. So whilst cloud based IoT field-devices will be new in concept to most, with numerous methods of secure communications served over a cloud infrastructure, the CISO will have one less function to champion but instead one more function to coach.
The discussion was made that CISO’s perhaps might have less of an executive focus than originally thought and with that, it was reviewed how Cyber & Security are now maturing into 2 separate ontologies. To say, Cyber focuses on assurance elements, whilst Security focuses on build-by design elements. This might have merit for Security Analysts to focus on malware , mitigation or detection whilst architects focus on security by design.
IoT was touched on to mention that if every individual within an organisation is owning more than one device then a cloud solutions ability to scale to provide elastic services will likely be the approved method of infrastructure. With that, the CISO role will perhaps be made easier as cloud is already an accepted board level strategy in most enterprise environments. So whilst cloud based IoT field-devices will be new in concept to most, with numerous methods of secure communications served over a cloud infrastructure, the CISO will have one less function to champion but instead one more function to coach.