Light Dark
October 4, 2017 By Nir Carmel 3 min read
CISO
Application Security

When I think about my family vacations from childhood, I remember camping trips, hours on the beach, sharing stories around the campfire and the fun my siblings and I used to have in the back seat of the car — jumping on each other, switching seats and hopping from the third row into the front seat. Half the fun was enabled by the fact that we had no seat belts.

I also remember how frustrated we all were when they made seat belts mandatory — how we complained, cringed and pushed back when our parents forced us to put it on, and how annoying, restricting and uncomfortable the seat belt felt. But the interesting thing is that, within just a few weeks, putting on a seat belt became second nature. When we stopped dwelling on it, the seat belt no longer felt itchy and uncomfortable.

Read the Forrester Research Study: Future-Proof Your Digital Business With Zero Trust Security

Buckle Up for Safety

The seat belts in our cars and the cybersecurity in our organizations are more similar that you might think. Both were once seen as unnecessarily restrictive burdens and are now considered essential to our safety and, in the case of cybersecurity, the integrity of our sensitive data.

We all know that putting on your seat belt or applying security measures is the smart thing to do because it can save your life — or save your business from a security event — but we are often too lazy or too focused on other things to do the right thing. In fact, we often wait for a new regulation to force us to take the right security controls.

Just like the seat belt in my car, cybersecurity can easily become second nature to your organization. The sooner you embed security into your decision-making process, the sooner you can negate the belief that security slows down the business.

A chief information security officer (CISO) can help you accelerate your digital transformation and support business goals by adhering to the following principles:

  • Develop a risk-based approach to all business and IT initiatives.
  • Protect the data, not just the infrastructure.
  • Consolidate identity across all platforms, including on-premises, cloud and mobile.
  • Understand that compliance is just the first step, not the end goal.

Increased Collaboration Drives Digital Transformation

In a recent presentation at the Cybersecurity Nexus (CSX) conference, I was reminded about my childhood experience with seat belts. It’s amazing how something that seems uncomfortable at first can quickly become just another fact of life — one that ultimately keeps you safer. More specifically, I explored how line-of-business (LOB) executives and information security professionals can and should work together to implement security controls, adopt a risk-based decision-making process and drive the next wave of innovations to support business growth.

This digital transformation can serve as a great opportunity to revamp your security program to foster greater collaboration between the IT team and LOB executives. To begin the process, the CISO should first locate the organization’s sensitive data, then consolidate identity and access management (IAM) and device management controls. Finally, the CISO should infuse these strategies into the organization’s DevOps processes.

LOB executives, for their part, must consider security risks when making business decisions, and understand how the CISO’s efforts can actually benefit the business by empowering consumers and encouraging collaboration based on real-time security data. This enables the organization to efficiently release and adopt new applications to drive growth and optimize security programs that are aligned with business goals.

These cybersecurity measures are designed to help businesses meet their goals and sustain growth, not to impede progress or productivity. An open line of communication between security and business leaders is all it takes to quell executives’ fears and demonstrate how, like a seat belt, cybersecurity can save your organization in the virtually inevitable event of an accident.

Learn More

To learn more about unleashing your security team’s true potential and accelerating your digital transformation, download the complimentary Forrester Research report, “Future-Proof Your Digital Business with Zero Trust Security.”

Read the Forrester Research Study: Future-Proof Your Digital Business With Zero Trust Security

 |  |  |  |  |  |  | 
Nir Carmel
Information Risk and Protection Offering Strategy, IBM Security

More from CISO
October 27, 2023

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature