The contemporary CISO has to make informed business decisions about risk while simultaneously balancing the board, regulators, customers, investors and more. Achieving this, requires the collection, analysis, and tailoring of a mass of complex information so it is relevant for each stakeholder group.
The myriad of sources makes this hard, which can ultimately compound bad decision-making. Those who are aware of this build their own tools or undertake lengthy and careful audits, both of which incur a cost, take time and are not scalable. Gaining a solid understanding of the environment they manage may sound obvious but can very quickly become the bane of a CISOs existence.
This discussion, sponsored by CCM vendor Panaseer, brings together a select group of senior security executives to enable a peer-led debate drawing on personal experiences to understand how to address this problem.
1. What are the biggest reporting burdens CISOs and their teams face today?
2. How is that likely to change in the future?
3. What are the most effective improvements we can make to reduce the burden and improve the outcome?