Three Keys for CIOs and CISOs to Drive Innovation and Security
At last month’s CIO 100 Symposium, I had the pleasure of moderating a breakout session, called Bridging the CIO-CISO Divide: What Works Best? I had a front row seat for a lively discussion between our CIO, Upinder Phanda, and our CISO, Mat Newfield, about how innovation can coexist with security, and building a culture where the CIO and CISO work together in the best interests of the company.
With the increased frequency and severity of cyber breaches, security is paramount in every IT organization and in every company. A natural tension exists between the CIO, whose job is to innovate IT and enable the business, and the CISO, whose job is to embed security into all aspects of operations.
Upinder and Mat are both brilliant technologists, and I learn something new every time I speak with them. Here are three key points from their dialogue at CIO 100:
- Collaboration and communication between the CIO and CISO is of upmost importance, including regular meetings and consolidated reporting to senior leadership and the Board. (Note: To enhance the communication of cybersecurity risks to the board and fundamentally transform the cyber risk conversation, Unisys recently launched TrustCheck™.)
- The role of the CISO is evolving from a traditional philosophy of protectionism, to a new mindset of exposing risk and presenting options to inform executive decision making. CISOs must move past fear-mongering and present an objective view of the risk environment.
- Creating a risk matrix is essential to understanding the threat landscape and evaluating the most serious risks to a company’s reputation and bottom line. This knowledge is a necessary foundation for making decisions on how best to mitigate cyber risks.
As you can tell, it was quite an informative session! Of course, I would be remiss not to mention that this year’s conference held special meaning for Unisys, as we were honored with a CIO 100 award in recognition of our ongoing secure digital transformation that is creating a more cost-effective, secure network and improved face of the company to the market. We would not have won this award without the tireless efforts of both Upinder and Mat.