A CISO's First 90 Days: The Ultimate Action Plan and Advice


By VARINDIA - 2023-08-29

By Maheswaran Shamugasundaram, Country Manager - India, Varonis

                                                                                                                                                                        

Many organizations seek a Chief Information Security Officer (CISO) who possesses a mix of technical proficiency and leadership abilities. While this is no longer a purely technical role, CISOs need to be able to communicate effectively with technical teams, understand evolving security risks and data protection technology, and also be able to articulate complex security matters and solutions to non-technical executives and board members.

 

For CISOs starting at a new organization that has unknown data governance and security systems, the first 90 days can be challenging to say the least.

 

Challenges faced by new CISOs

Over the last 10 years, the role of the CISO has become pretty complex, and this has become even more pronounced since the onset of COVID.

From a relatively straightforward office job that involved protecting devices and files where data is stored, CISOs today have to do a lot of heavy lifting due to the world of remote work and the progressive shift of data into the cloud.

Employees and applications now need to be connected to each other 24/7, around the world, and an abundance of third-party applications require access to your sensitive data, often without getting the security team's seal of approval before they are activated. This means dealing with new threat vectors and additional gaps that can be exploited for fraud and theft, such as employees working from unsafe locations and Wi-Fi networks.

Spare a thought for CISOs who have ended up with tons of extra tasks and risk management problems from remote work.

On the flip side, with advanced technology such as Data Security Posture Management (DSPM) platforms, CISOs can easily locate and tag more sensitive data, apply access permissions, and track usage and movement. This means they can quantify risks and analyze what went wrong in the event of a breach so they can prevent future attacks.

For organizations that rely on endpoint and perimeter solutions for security, CISOs can bear the brunt of attacks that use the latest developments in ransomware, such as threats that seek to monetize their malicious access.

These breaches can result in your data being held for ransom and locked down until payment is made. Payment demands are often made with crypto as the currency, which makes it hard to track, and almost impossible to recover once a payment is sent.

From a team perspective, the role of CISO is a disabler, not an enabler—so new CISOs need to develop a thick skin early on.

They’ll need to build out a team of SecOps, GRC, and Sec Architects, and ensure that everyone is productive whether they’re on-site or working from home. Plus, they’ll need to ensure that security initiatives put in place are understood and adhered to by everyone – from the CEO to the R&D teams and non-technical board members.

The challenges faced by a new CISO can also manifest in other ways, like stress from a lack of resources and technology available to help them succeed in their role. A single, centralized platform can positively impact their work, reduce the risk of mistakes, and improve stress levels.

 

Why the first 90 days are critical for a new CISO

It’s a CISO’s responsibility to establish a solid security foundation as rapidly as possible, and there are many mistakes that can be made along the way. This is why the first 90 days are the most important for new CISOs.

Without a clear pathway to success in the early months, CISOs can lose confidence in their ability as change agents and put their entire organization at risk of data theft and financial loss. No pressure!

Here’s our recommended roadmap for CISOs in the first 90 days of a new role.

 

CISOs’ action plan for the first 90 days

Having an action plan in place for the early days can help CISOs prioritize the steps they need to take, based on what they learn about an organization's existing systems and data. This means they can reduce the feeling of overwhelm and work strategically toward business goals.

 

Implement measures to ensure data is protected

For a new CISO, it can be challenging trying to locate and classify all the sensitive data across an organization, not to mention ensuring that it’s also safe from a variety of threats.

Data protection technology is often focused on perimeters and endpoints, giving internal bad actors the perfect opportunity to slip through any security gaps in files, folders, and devices. For large organizations, it’s practically impossible to audit data activity at scale without a robust DSPM.

It is important to have a customized Data Risk Assessment that causes zero disruption to your IT environment, and can help new CISOs quickly:

* Pinpoint vulnerabilities.

* Simplify compliance.

* Prioritize risks and act on them according to business requirements.

 

By implementing a DSPM tool, CISOs can automatically build a baseline, or “peace-time profile” over hours, days, and weeks for every user and device in your organization, enabling them to:

* Easily spot unusual behavior in the cloud or on-prem.

* See what kinds of accounts exist and who they belong to.

* Understand who uses which devices and accesses certain data.

* Monitor when users are active and where they are located.

 

Develop a system to detect and respond promptly to any potential breaches.

Most security solutions can only fix breaches after they’ve happened, not before or during a threat event. In many cases, affected data can’t be restored—so an “after the fact” solution isn’t enough.

Focusing on data and insider threats allows CISOs to secure files, folders, drives, and permissions far beyond the abilities of simple backup or perimeter solutions. This includes insider risk-management tools and automatic detection at any sign of compromise.

Alongside automated threat detection and mitigation, organizations should have a dedicated incident response team who can help with:

* Proactive alert monitoring and threat investigation.

* Customized threat model development.

* Automated response configurations.

* Regular updates to review security findings.

 

Ensure there are robust security measures in place.

Organizations create and send a stunning amount of data every day across their cloud and internal networks. As cloud service adoption increases, CISOs need to know where the risks are at every touchpoint so they can prioritize each risk and put the necessary security in place.

This includes thinking about factors such as:

* Enhanced monitoring of external and guest users.

* Privileged account monitoring.

* The ability to spot risky configuration changes and deviations from service best practices.

* Stale identity removal.

 

Establish procedures to demonstrate that data is handled responsibly.

CISOs should establish procedures and reporting that can help them demonstrate to stakeholders and board members that data is being classified and handled appropriately.

They need to prove that:

* Sensitive data is labeled correctly.

* Users can have access granted or revoked as appropriate.

* The data lifecycle is being managed.

* Unauthorized or suspicious activity is flagged and dealt with at speed.

 

It should be possible to generate reports as needed to provide updates to stakeholders and to enable the organization to make smarter, faster decisions about its data security.

 

Maximize the value of the tools and technology.

Having best-in-class tools and technology won’t make any difference to your security unless there’s widespread adoption and usage.

Adopting powerful data security solutions within a single, user-friendly platform, which ensures optimal adoption with little to no learning curve, is imperative.


Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.


Copyright varindia.com @1999-2024 - All rights reserved.