The contemporary CISO has to make informed business decisions about risk
while simultaneously balancing the board, regulators, customers, investors and
more. Achieving this, requires collection, analysis, and tailoring of a mass of
complex information so it is relevant for each stakeholder group.
The myriad of sources makes this hard, which can ultimately compound bad
decision-making. Those who are aware of this build their own tools or undertake
lengthy and careful audits, both of which incur cost, take time and are not
scalable. Gaining a solid understanding of the environment they manage may
sound obvious but can very quickly become the bane of a CISOs existence.
This discussion, sponsored by CCM vendor Panaseer, brings together a select
group of senior security executives to enable a peer-led debate drawing on
personal experiences to understand how to address this problem.
1. What are the biggest reporting burdens CISOs and their teams face today?
2. How is that likely to change in the future?
3. What are the most effective improvements we can make to reduce the burden and improve the outcome?