As tempting as it may be, CISOs joining a new organisation must be careful not to build their own security plans without first gaining a thorough understanding of what the business strategy is and how to align with it.
In this video, Hadi Hosn, SecureWorks Head of Security Strategy and GRC Consulting in EMEA, gives a couple of quick tips about building cybersecurity programmes to CISOs joining new organisations.
The main steps CISOs should follow to be effective, and this is really around when they join a new organisation. When a CISO’s new at his job, the main steps he needs to follow are to understand the business he’s joined, understand the business strategy, and build a rapport with some of the stakeholders, whether it’s leaders within the business or some of the actual influencers, to try to understand where their strategy is and align to that from a security perspective. They can’t come in and start building their own security plans; they need to align security plans to what the business is focusing on.