Where should the CISO role sit in an organisation to be most effective? The techUK podcast
In December, techUK launched The CISO at the C-Suite report which tackles the key question of how the Chief Information Security Officer role should engage at C-Suite and Board Level, leveraging influence to ensure cyber security is seen as an enabler of the rapid digital transformation that all organisations have seen throughout 2020.
We made five key recommendations in the report to empower the CISO to add differentiated value and to create a strong foundation of cyber security knowledge across the business:
- The CISO must have visibility of the wider business and be empowered to drive change where it is needed. Cyber security is a strategic level priority in all organisations and cannot simply be ‘managed’.
- Transformative efforts must be placed in the right perspective: the CISO must agree the right timeframes for change, looking at longer-term transformation where necessary, beyond immediate tactical firefighting and quick wins.
- Clear reporting lines and responsibilities must be implemented from the outset. The C-Suite should set objectives indicative of the broader digital transformation that the organisation wants to see.
- The CISO function – irrespective of its reporting line – must have a clear, independent budget approved by the Board and commensurate to the transformation objectives set by the Board.
- The CISO must be able to communicate in Board-level terms, framing cyber security as a business enabler and identifying actions/initiatives in terms of business value rather than risk. This must extend to regulatory requirements and how they translate into planned initiatives. A consistent communication approach, with easily understood messaging and content, is important to build understanding and support.
In this episode of the techUK podcast, our Head of Cyber Dan Patefield is joined by the report’s key contributors - Jean-Christophe Gaillard, Managing Director of Corix Partners, and Jason Tooley from techUK’s Membership, Finance and Performance Board to discuss which of the five recommendations really gets to the crux of the issue.
JC and Jason also cover in more depth where the CISO function should sit in a business today; and what CISOs, and their wider organisations, should be doing to position cyber security as a critical business enabler.
This insightful, highly relevant conversation is must listen for 2021!
You can download the full The CISO at the C-Suite here.
Want to be involved in techUK’s Cyber Campaign Week 2021? Reach out to the team today.
Dan Patefield
Dan Patefield
Dan leads the techUK Cyber Security programme, having originally joined techUK in August 2017 as a Programme Manager working across the Cyber and Defence programmes. He is responsible for managing techUK's work across the cyber security eco-system, bringing industry together with key stakeholders across the public and private sectors. Dan also provides the industry secretariat for the Cyber Growth Partnership, the industry and Governmnet conduit for supporting growth across the sector. A key focus of his work is to strengthen the public-private partnership across cyber security to support further development of UK cyber security policy.
Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he had a focus on the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and diversity in tech. Dan has a BA in History from the University of Liverpool.
- Email:
- [email protected]
- Phone:
- 020 7331 2165
Jill Broom
Jill Broom
Jill is techUK’s Programme Manager for Cyber Security, working across the cyber eco-system to bring industry together with key stakeholders across the public and private sectors.
Prior to focusing in on techUK's cyber security work, Jill was also part of techUK's Central Government programme team, representing the supplier community of technology products and services to Whitehall departments.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
- Email:
- [email protected]
- Twitter:
- @honeybroom
- Website:
- www.techuk.org
- LinkedIn:
- https://www.linkedin.com/in/jill-broom-19aa824
