Home » Cybersecurity » CISO Suite » Cybersecurity Is Every Leader’s Job

Cybersecurity Is Every Leader’s Job

by Maurice Uenuma on January 15, 2019

Every organization is led by people who are responsible for setting the overall direction, establishing priorities, maintaining influence over organizational functions and mitigating risks. Given the wide range of organizational types across industry sectors, the titles associated with these roles may vary greatly from CEO to Managing Director to Owner-Operator and beyond, but they share common traits.

They are the most senior leaders, or they directly support strategic decision makers. They likely have fiduciary responsibility and budget authority. They may even be owners of the business themselves. Whatever the specifics, these are the leaders who are held accountable for the organization’s well-being and performance. And in today’s world, cybersecurity is among their chief concerns.

As noted in the recently-published guidebook, Cybersecurity is Everyone’s Job (a publication of the Workforce Management subgroup of the National Initiative for Cybersecurity Education (NICE)), these leaders have a specific role to play in their respective organization’s cybersecurity posture, with responsibilities that include:

Managing and mitigating overall cyber-related business risks,
Establishing effective governance controls,
Prioritizing and resourcing cybersecurity programs,
Safeguarding the sensitive information they rely on for planning and decision making, and
Establishing a cyber-secure culture within the organization.

These are the primary ways that senior leaders influence the cybersecurity posture of their organization.

But fulfilling these responsibilities is not easy, particularly since cybersecurity is just one of many concerns they must address each day. To simplify the task, the guidebook provides a list of practical steps each leader can take.

To begin with, leaders must understand cybersecurity basics and best practices well enough to enable sound decision making. They do not need to become technical experts themselves—these roles are typically delegated or outsourced—but they do need to have a generalist’s understanding of the field, much as they must understand the basics of sales, marketing, (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Maurice Uenuma. Read the original post at: https://www.tripwire.com/state-of-security/risk-based-security-for-executives/cybersecurity-is-every-leaders-job/

January 15, 2019January 16, 2019 Maurice Uenuma culture, Cybersecurity, risk, Risk-Based Security for Executives

Maurice Uenuma

:**Maurice Uenuma is VP & GM, Americas and security strategist at Blancco, collaborating with an excellent team to deliver the world's leading data erasure, IT asset disposition, and mobile lifecycle solutions to address privacy, security, and sustainability needs. Prior to Blancco, Maurice was Vice President, Federal & Enterprise with Tripwire, supporting state governments and large enterprises in the United States. Prior to joining Tripwire, he was Vice President at the Center for Internet Security (CIS), and served as Workforce Management co-chair of the National Initiative for Cybersecurity Education (NICE) Working Group at NIST. Earlier, Maurice held leadership roles at Perot Systems and Dell, and served for nine years as an infantry and special operations officer in the United States Marine Corps. Maurice holds a Master’s degree in National Security Studies from Georgetown University, graduated from the U.S. Naval Academy, and is a GIAC-certified Global Industrial Cyber Security Professional (GICSP).

maurice-uenuma has 12 posts and counting.See all posts by maurice-uenuma