6 CISO Resolutions for 2019
The ultimate to-do list for ambitious security leaders.
December 10, 2018
The turn of the calendar page is always a great time for self-reflection. But beyond redoubling efforts around the typical life goals of working out, eating right, and taking their vitamins, next year plenty of CISOs are likely to be focused on professional goals that will help them get ahead on the job and reduce risks for their organizations. Here are a half-dozen of the most common areas we expect strong security leaders will be working on in 2019.
The very best CISOs understand that one of their most important responsibilities is keeping the line of communication open between their department and the board. As directors become more involved and interested in their firms' security stance, CISOs will need to hone their strategies to effectively communicate risk and answer directors' questions.
According to a recent report, fewer than 30% of enterprises have anything more than a basic container security strategy in place. Given the pace at which enterprises are adopting containers, this gap will start to become a problem in 2019. Among the biggest risks that CISOs will need to focus on are misconfigurations: Few organizations have good visibility into container misconfiguration, which was the cause of the Tesla cryptomining attack disclosed earlier this year.
In our digital economy, APIs provide the glue to connect applications, services, cloud resources, and more. But the growing use of APIs is surfacing a ton of risk, and this year we've seen a dramatic uptick in API-related breaches come to the fore. Most recently, the United Postal Service suffered an extremely embarrassing breach that exposed data for 60 million users due to an insecurely designed API.
The compliance deadline for the European Union's General Data Protection Regulation (GDPR) may have come and gone this spring, but that doesn't mean GDPR concerns are in the rearview mirror for most CISOs. Far from it. A study by Dimensional Research in October showed that just 12% of US firms are compliant at this point, and even in the UK that rate only reached 21%.