A common misperception in cybersecurity is that the cybersecurity leader should be a hacker or a purely technical person!
In its latest report, titled “Reframe the role of the Cybersecurity Leader,” Gartner identifies a leadership misconception: “The CISO (Chief Information Security Officer) prevents breaches.” The report highlights that we should reframe this to: “A leader facilitates risk management.”
The second leadership misconception was: “Cyber risk is Security’s problem.” We should reframe this to: “Cyber risk is a business/organizational risk.”
We must change our mindset from treating cybersecurity as a technical problem to be managed by technical and IT people, and start dealing with it as a risk like any other business/organizational risk, where everyone in the company should be involved.
There is no solution for cybersecurity; it is a continuous process that we should work on daily, based on a cybersecurity framework that fits our organization. The most common cybersecurity risk management framework is the one from NIST (the National Institute of Standards and Technology, part of the U.S. Department of Commerce), and it is composed of five main pillars:
In brief, cybersecurity is not just a technical problem; it is also an economic, psychological, and human behavioral challenge, all rolled into one. A different set of rules governs cyberspace. The concepts of distance, borders, and proximity all operate differently in cyberspace compared to the physical world. Cybersecurity is still “new,” and we are still learning every day.
Roland Abi Najem
CEO of Revotips – Cybersecurity & Digital Transformation Consultants