Dec 12 2022

14 lessons CISOs learned in 2022

Category: CISO, vCISO | DISC @ 1:12 pm

The coming new year is a good moment for chief information security officers to reflect upon what they’ve learned this year and how to apply this knowledge going forward.

“If companies are not going to learn these lessons and mature their security practices, we will see increased scrutiny in audits and third-party risk assessments, and this may have a financial, reputational, operational, or even compliance impact on their business,” says Sohail Iqbal, CISO at Veracode.

1. Don’t wait for a geopolitical conflict to boost your security

2. The population of threat actors has exploded, and their services have become dirt cheap

3. Untrained employees can cost a company millions of dollars

4. Governments are legislating more aggressively for cybersecurity

5. Organizations should keep better track of open-source software

6. More effort should be put into identifying vulnerabilities

7. Companies need to do more to protect against supply chain attacks

8. Zero trust should be a core philosophy

9. Cyber liability insurance requirements might continue to increase

10. The “shift-left” approach to software testing is dated

11. Using the wrong tool for the wrong asset will not fix the problem

12. Organizations need help understanding their complete application architectures

13. Security should be a continuous effort

14. Have plans in place

Source for more details: 14 lessons CISOs learned in 2022

Tags: CISO
