In this day and age digital disruption is an ever-present occurrence in almost every sector, and it is this fact that earned some CIOs the title of Chief Innovation Officer’s. But with a massive focus on innovation some areas in business tend to suffer, and amongst the worst hit is security.
“We can’t speak on innovation without touching on security. It might be scary, but to move forward we should never get stuck in the gloom,” said Kendi Nderitu, Check Point, Country manager, Kenya, during the CIO IoT and AI Summit being held at the Crowne Plaza, Nairobi, Kenya.
According to a recent Harvey Nash/KPMG CIO Survey, 89pc of chief information officers said they were maintaining or increasing investment in innovation, yet only one in five claimed they were able to handle a cyber security attack “very well”.
As CIOs come to grips with these harsh realities. The question then shift to, is security the Chief Information Security Officer’s (CISOs) job? By dictionary definition, a CISO is the senior-level executive within an organisation responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.
The CISO directs staff in identifying, developing, implementing, and maintaining processes across the enterprise to reduce information and IT risks. They respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance.
The CISOs role is becoming more important in the connected world. During the Summit Michael Michie, CISO, M-Orient Bank, said that securing the smart infrastructure is becoming a necessity for businesses, especially businesses that have millions of sensors and thus have many potential points of attack.
“The role of the CISOs is becoming extremely complicated because the skills that CISOs have now is part of a private network which have specific connections to a larger network. But right now, the world we are getting to, everything needs to be connected for things to be cheaper, faster and more reliable they all need to be connected. Essentially you are told to protect the whole world but you work for one organisation only,” he added.
“The role of security in this age of connectivity thus falls to everyone.” Michie concluded.