If cutting costs is a business imperative, it’s a mystery why CISOs get any budget at all. Yes, the CISO role has long been synonymous with cost. Some might even say CISOs and cybersecurity budgets are necessary evils. So, if an organization’s cybersecurity investments don’t provide a return on investment, how does a CISO demonstrate value? If a CISO does the bare minimum, the organization and its crown jewels stay safe. If, however, a CISO takes a holistic approach to the role, she’ll strive to protect the organization without slowing employees down. She’ll also know there is inherent value in a strong cybersecurity program because customers want to do business with secure organizations. While these investments may not drive revenue growth, they positively impact the bottom line and that makes shareholders happy.
I recently moderated a panel in Chicago and asked CISOs about their perspectives on the CISO role, including challenges and opportunities. In this video, Alan shares his insightful perspective on how a CISO adds strategic value when they absorb, rather than generate, revenues.
CISO Perspectives is a complimentary resource for cybersecurity professionals featuring insightful viewpoints, best practices, and sage career advice from a cross section of CISOs. These videos and blogs are proudly offered by Accellion, the leader in secure email and secure file sharing for mitigating third party cyber risk.
*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Accellion authored by Joel York. Read the original post at: https://www.accellion.com/blog/cisos-add-value-to-the-business-by-doing-this/