Inside the Briefcase
Cyber Activity is Keeping the CISO Awake at Night
July 12, 2012 No CommentsSOURCE: Ovum
The most worrying issue for C-level security professionals, and the thing that often keeps them awake at night, is the fear of the unknown. The chief information security officer (CISO) is the person in direct line of fire when security breaches occur, and given the deteriorating state of information security, taking overall responsibility for security-related issues is a perilous role.
During the last 12 months several leading organisations have admitted to serious data breaches. As a result, organizations are being advised by security industry experts that defense in depth will not keep everything safe, and no matter how secure you think you are all organizations are potential victims. Business organizations are being told to act as though they have already been breached. The emphasis is now on the need to identify data breaches at the earliest opportunity and deal with the impact as quickly as possible.
The CISO community recognizes that there is a clear difference between professional hackers that use stealth tactics to attack organisations in order to steal information and use it for financial gain, and “hacktivists” who target organizations because they hold a personal or idealistic grudge and want to see it held to account. Previously these groups were seen by CISOs as activists or in some cases vandals, but in the last few years they have become more organized and more focused on the levels of press coverage that successful attacks generate.
