The modern-day CISO must confront a multitude of challenges head-on to build a sense of leadership and vision within the security and risk department. With headline-grabbing breaches constantly occurring, a strong information security strategy is no longer on the backburner for the modern-day business.
While the first CISO was named in 1995, the responsibilities tied to the role have evolved immensely and today are incredibly complex, says Todd Fitzgerald, managing director of CISO Spotlight. It's no longer about managing passwords and "checking the boxes," he added.
“Not only does the CISO have to get prevention right, but also the detection and incident response has to be right as well,” Fitzgerald told InfoSec Insider during an interview shot at the InfoSec World Conference & Expo. “The CISO of today is the privacy and data-aware CISO. The one that understands where their data is in the organization, how to protect it, and what the regulations are.”
InfoSec Insider caught up with CISO Spotlight's Todd Fitzgerald, who offered up concrete tips up-and-coming security leaders can leverage when it comes to achieving organizational effectiveness.