TALKING
‘‘ business address and respond to . CISOs are being asked to answer questions around how AI uses data that ' s held within the business , and what access is being provided into and out of those systems that they are responsible for securing . Currently , AI is being tested and experimented with by organisations , without necessarily having clear data use policies or the means to secure that data from threats .
What strategies could they implement to secure what they have in front of them and then get additional support to do this ?
I think that ' s a great question . Balancing the risk posed by threats from bad actors with the business needs of organisations is key . Companies are looking to use technology to be more open and provide better service to customers , share information about products and services , and engage with all stakeholders more effectively , including vendors , suppliers and customers . However , this openness can increase risk . Nowadays , it ’ s much easier for individuals to access data that would have been inaccessible 10 or 20 years ago . CISOs need to protect this data , as well as intellectual property , systems and employees from threats , while enabling the business to be more transparent and interactive with the markets they serve .
On a personal level , what advice would you give to CISOs experiencing burnout ?
My advice would be that CISOs seek higher levels of engagement from their organisations . They should regularly interact with C-level executives like the CEO and CFO and have opportunities to present challenges they face at the board level . Regularly communicating with the board about threats , not only helps build the CISO ' s skill set in translating technology issues into business terms it also helps secure the necessary funding and resources to minimise threats . Additionally , CISOs should be actively involved in programs that build skill sets , whether through universities or internal career development paths for technology security professionals . It ’ s vital for CISOs to have a clear understanding of their role within the technology group of the business . In large organisations , security is just one part of a broader technology strategy , but effective collaboration with other parts of the organisation is essential .
What impact can burnout have on businesses ?
If the person responsible for your security – and I mean ultimately responsible for the strategy , mission and delivery of security – is burnt out , you can only expect a suboptimal outcome . This is true for everyone , which is why there ’ s a strong emphasis on work-life balance and health . If CISOs are burnt out , tired and overwhelmed , it ’ s unrealistic to expect the best outcomes . Consequently , the organisation won ’ t be as well-protected , resilient or responsive to security breaches as it could be . Ensuring that CISOs are supported and not burnt out is crucial for maintaining the security and overall health of the organisation . p
38 INTELLIGENTCIO APAC www . intelligentcio . com