The trusted alternative to mass market instant messaging solutions
Boost communication by inviting thousands of members in dedicated chat rooms!
Cryptobox provides businesses and organizations with a sharing and collaboration solution to secure internal and external exchanges, using end-to-end encryption.
Cryptobox is the first secure sharing and collaboration solution to provide end-to-end data encryption, whether your device is a smartphone or a computer.
The digital transformation affects all businesses and organizations, from the smallest to the largest. This transformation brought about by technological developments offers many benefits:
To meet the new challenges of mobility and remote work, Ercom has developed Cryptosmart PC, a sovereign VPN solution to secure the connections of your remote Windows computers.
Cryptosmart is the only “Restricted” French & NATO certified solution, jointly developed with Samsung, to secure end-to-end mobile communications on consumer devices.
Cybels Hub DR, the first "Restricted" level accredited cloud solution to help inter-entity collaboration in a secure environment with partners! Collaborate in voice or videoconferencing, exchange data with your partners, all at the "Restricted Distribution" level, on a cloud operated and secured by Thales.
Posted 14 janvier 2020
Today, CISOs must support their organization and its employees with their various business challenges. They build their organization’s security strategy and assume responsibility in the event of a security incident. However, it takes time for a strategy to bear fruit. The problem is that CISOs often do not have the necessary time between defining a strategy and the resulting actions.
What efforts are required to be more efficient and impactful?
Here are 5 pillars that enable CISOs to establish a sustainable strategy:
Unfortunately, cyber-security often rhymes with firefighting. But it’s not inevitable. CISOs can have a stronger impact if they are able to become builders. In other words, if they build a global security strategy anticipating all uses, including future uses, they can move past responding to security incidents to preventing them.
CISOs must reach out to their entire organization, and to do this, they must have a holistic approach that integrates all uses and needs of their organization. For example, in the age of the digital workplace, mobile uses must be at the heart of their strategy.
According to this year’s Censuswide survey, 94% of French CIOs and CISOs have already given up on applying security updates for fear of having a negative impact on the business, at the expense of security. 40% of them also believe that many cyber-security incidents occur because business units prioritize business processes and customer satisfaction, disregarding security protocols. This observation is often the result of a mutual ignorance of the associated challenges. Indeed, regular exchanges with business unit leaders and a good knowledge of their challenges would enable CISOs to anticipate or respond collectively to any risk that may arise, without compromising security or the business.
In France, human error is responsible for 24% of corporate security breaches, and represent the third risk factor behind actual criminal attacks (51%) and software or hardware technical problems (25%). A statistic that demonstrates the need to train employees so they may become true actors and co-builders of their organization’s data protection strategy, and commit themselves alongside CISOs and CIOs to a continuous improvement plan. In this sense, communicating the right messages to a non-technical audience with little knowledge about the risks involved is a major challenge for CISOs. This is a more educational role involving a collaboration with senior management, the CIO, internal communications and human resources.
The first sponsor of a CISO within the organization is unquestionably the CIO. As security partners, CIOs and CISOs must advance in the same direction and work closely together to establish a consistent Information System Security Policy (ISSP). CISOs must ensure its application, implement risk analysis and crisis management methods, and present a matching budget to enable CIOs to take informed decisions.
To survive as a CISO, technical skills are no longer enough. CISOs need to be versatile, visionary and collaborative. They need to get in touch with the teams in order to fully understand their challenges and provide them with best practices. It is also important for CISOs to work hand in hand with CIOs to ensure a consistent security policy. The effectiveness of the overall strategy that will be implemented will depend on this close collaboration.
Cet article vous a plu ? N'hésitez pas à le partager