The trusted alternative to mass market instant messaging solutions
Boost communication by inviting thousands of members in dedicated chat rooms!
Cryptobox provides businesses and organizations with a sharing and collaboration solution to secure internal and external exchanges, using end-to-end encryption.
Cryptobox is the first secure sharing and collaboration solution to provide end-to-end data encryption, whether your device is a smartphone or a computer.
The digital transformation affects all businesses and organizations, from the smallest to the largest. This transformation brought about by technological developments offers many benefits:
To meet the new challenges of mobility and remote work, Ercom has developed Cryptosmart PC, a sovereign VPN solution to secure the connections of your remote Windows computers.
Cryptosmart is the only “Restricted” French & NATO certified solution, jointly developed with Samsung, to secure end-to-end mobile communications on consumer devices.
Posted 16 décembre 2019
By enabling organizations and information systems to be more agile and connected, digital transformation has also made them more vulnerable. To address key security issues and increasing risks, the role of Chief Information Security Officer (CISO) has changed significantly in recent years.
Formerly responsible for ensuring their organization’s certifications (ISO 27001, etc.), CISOs must now wear multiple hats and have both varied and specialized skills to protect their organization. They implement protections against cyber-threats and means to control their impact (reduce vulnerabilities, resolve compliance issues…). They are also responsible for budgets, and are advising, training and reporting issues to senior management and their employees, to apply best practices and reduce risky behaviors.
This evolution forces many challenges upon CISOs, for whom new skills become key: business acumen, communication and presentation, crisis management and leadership.
CISOs are today the experts who, according to ANSSI, define information system security policies and ensure their application. They play a role in advising, assisting, informing, training and alerting senior management. Depending on the size of their organization, they play an operational role in the implementation of security policies, or supervise a team of technical experts and consultants. They recommend the IS security policy to the competent authority and ensures it is applied. They can take actions in regards to security on all or part of their organization’s IT and telecom systems, both at the technical and organizational level. They perform technological and regulatory monitoring work in their field and recommend the changes they deem necessary to guarantee IS security as a whole. They are the recognized interface for operators and project managers, as well as experts and stakeholders.
Increasingly, it is essential for CISOs to focus on humans instead of technology. Indeed, what is the point of setting up security products if users misuse them, or even do not use them at all? CISOs must regularly meet business units and users of their IS to understand issues and not be seen as an obstacle to productivity, but as a partner.
Digital transformation and increase in cyberattacks is changing the priorities of organizations and CISOs. CISOs are now a strategic element of management teams. This is one of the strongest transformations for CISOs. They become a stakeholder in their organization’s strategy and must, as such, be able to participate in the decisions and anticipate all events.
Although technical qualities remain paramount for CISOs, they are no longer sufficient to meet the variety of skills required. Stéphane Renaud, CIO of Vivendi, declares: “The first quality of a good CISO is that he or she must be a very good communicator.”
These are the qualities that allow CISOs to excel:
First, it is indisputable that CISOs must have technical skills and the ability to improve their knowledge in this ever-changing industry. In addition, they may have an operational role in the implementation of security policies in relation to business needs.
They must also be qualified managers and good listeners, as they usually supervise a team of technical experts and consultants. These qualities are all the more important as the list of missions grows longer. They must be able to delegate efficiently and confidently some of their tasks.
For CISOs, financial management has become an essential skill when faced with limited budgets. Osterman Research’s Life inside the Perimeter – Understanding the Modern CISO survey for Nominet reveals than less than one out of two CISOs (43%) consider they have an appropriate budget. Whether for intellectual, technical or security services, CISOs must be able to monitor and streamline security investments.
Knowing how to communicate is essential for CISOs. They are spokespersons for common rules in terms of security with all stakeholders: directors, managers, business associates and IT professionals. While CISOs advocate new tools and uses, they must also be able to ensure their adoption, and support employees along these changes. This complex mission requires good leadership.
The regulatory framework around information system security is tightening. CISOs must be able to speak the same language as lawyers.
Crisis management today is an inherent part of their role. CISOs are exposed in the media and politically in case of incidents, and must be able to take the right decisions and communicate the right messages along with CIOs.
Finally, it is unthinkable for CISOs to work alone behind their desk. They must create a link with all of the employees, and in particular with business teams who will share their challenges. They must also work hand in hand with CIOs who drive information system developments and rely on CISOs to ensure their security.
Their best allies to overcome these new and multiple challenges are undoubtedly the CIOs: They form a duo that will benefit from working together, by leveraging their complementarities.
Cet article vous a plu ? N'hésitez pas à le partager