CIOs are at the corner of innovation and security, but is security their job?
CIOs are continually innovating and improving their technology, but is cybersecurity their job?
Digital disruption is an ever-present fact in almost every industry today, and it is this fact that has earned some CIOs the title of Chief Innovation Officer. But with a massive focus on innovation, some areas in business tend to suffer, and among the hardest hit is cyber security.
“We can’t talk about innovation without touching on cyber security. It can be scary, but to move forward we must never get stuck in the dark,” said Kendi Nderitu, Check Point, Country Manager, Kenya, during the CIO IoT and AI Summit held at the Crowne Plaza, Nairobi, Kenya.
According to a recent Harvey Nash/KPMG CIO survey, 89% of CIOs said they were maintaining or increasing investment in innovation, but only one in five said they could handle a cybersecurity attack “very well.”
As CIOs face these harsh realities. The question then changes to, is security the job of the Chief Information Security Officer (CISO)? By dictionary definition, a CISO is the high-level executive within an organization responsible for establishing and maintaining the company’s vision, strategy, and program to ensure that information assets and technologies are adequately protected.
The CISO leads staff in identifying, developing, implementing and maintaining processes across the enterprise to reduce IT and information risks. They respond to incidents, establish appropriate standards and controls, manage cybersecurity technologies, and direct the establishment and implementation of policies and procedures. The CISO is also often responsible for information-related compliance.
The role of CISOs is becoming increasingly important in the connected world. During the Summit, Michael Michie, CISO, M-Orient Bank, said that securing smart infrastructure is becoming a necessity for businesses, especially businesses that have millions of sensors and therefore many potential points of attack. .
“The role of CISOs is becoming extremely complicated because the skills that CISOs have now are part of a private network that has specific connections to a larger network. But right now, the world that we’re coming into, everything needs to be connected in order for things to be cheaper, faster and more reliable, everyone must be connected. Essentially, you are told to protect the whole world, but you work for a single organization,” he added.
“The role of security in this age of connectivity therefore falls on everyone.” Michie concluded.