20 Jul
A day in the life of a vCISO
There is no such thing as a typical day in the life of a chief information security officer. The role is dynamic, but some activities are more common than others. We will take a look at what a CISO does in this key role.
The primary aim of any CISO or vCISO is to create a strong security posture that is compliant with the legal, regulatory and contractual obligations of information security, while safeguarding the organisation, its key stakeholders and its invaluable assets, such as data.
A CISO is not simply another techie!
Being a CISO is not solely a technical role! One has to be a business leader with a good grasp of other areas in addition to technology: marketing, public relations, sales, strategy and much more. CISOs need to speak both the language of the C-level suite and the language of every employee within the organisation.
CISOs need to ‘sell’ the concept of security to all the business units within an organisation. A solid IT background is a must in order to liaise effectively with technical resources, ensuring that security controls are in place and are kept up to date with the latest threats. Clearly communicating to IT the requirements and specifications of both the tools that are required and the policies that need to be implemented and enforced is a core part of a CISO’s daily routine. One successful phishing attack can cause business interruptions that cost the organisation both monetary and reputational damage.
Assessing new tools and best practices is an ongoing process that helps CISOs implement best-of-breed solutions to protect the organisation and promote cyber hygiene throughout it.
The main pillars of a CISO’s role
A chief information security officer’s role can be organised into eight pillars, namely: risk management, securing the technology, strategy, leadership and governance, securing new initiatives, regulatory and compliance, securing the business, securing the supply chain and finally securing operations. It is indeed an all-rounder role. Contributing to the organisation’s risk management framework is of utmost importance: ongoing vulnerability and threat assessments are key to continual improvement, to planning the treatment of risk and to managing the acceptance of risk.
Organisations are becoming increasingly dependent on technology, with wider attack surfaces and more public (digital) touchpoints. Application, cloud, data, network and server security are ongoing challenges that need to be well organised. Penetration tests need to be held at regular intervals so that the organisation is always the first to know about possible weaknesses.
Information security is crucial to the overarching success of organisations; in fact, today it is an integral part of any business strategy. Full business alignment is required. The CISO acts as the information security governance body of the organisation, ensuring that all agreed plans, SOPs and policies are set in motion and adhered to at all times.
Given this importance, a solid budget is assigned to the CISO or vCISO, covering investment in educating employees, continually improving the security of the business, hiring external specialists to carry out pen tests, vulnerability assessments and audits, and licence costs for security tools such as WAFs. From strategy formation to planning, implementation, monitoring and regular reporting – they all fall under the remit of the CISO.
Innovation plays an important role in the day-to-day operations of a CISO. Exploiting emerging technologies such as artificial intelligence is of paramount importance for two reasons: to counter the advancements and sophistication of malicious actors who constantly upgrade their hacking techniques, and to leverage the power of technology to protect the organisation’s systems and data. The latter helps build a holistic, robust security architecture.
With the recent phenomena of working from home and BYOD, the role of a CISO is no longer concerned only with joiners, movers and leavers, but also with devices outside the organisation’s network and with resources working remotely all over the world. Security operations anchored on a strong information security management system are essential for identity management, malware controls and incident management. For regulated businesses, the CISO is ultimately responsible for carrying out compliance audits and due diligence reviews to ensure the entity conforms to the industry regulatory frameworks.
In conclusion, a CISO’s working day is built around establishing the security strategy of an organisation, assessing risk, managing vulnerabilities and threats, leading audits, reviews and assessments, serving as a security governance body, and managing and educating people.
Finding a CISO is definitely not an easy feat. A good number of organisations are opting for a virtual CISO, whereby a fraction of such a resource is contracted. This allows for flexibility and cost containment. Speak to us today!