For years, information security has been floating in the Top 10 IT strategies of many organisations. In the last 3-5 years, the frequency, tenacity and boldness of cyber attacks have moved cybsercurity not only to the top of the CIO’s priority list, but to the C-suite and Board as well – becoming in many cases, part of the business agenda.

In the US, for example, the cybersecurity community are pushing for a bill that will enforce responsibility to the CEO and the board if cybersecurity controls are not adequately done. 

The responsibility for security typically rests in the hands of the Chief Information Security Officer. But as security becomes intertwined in an organisation’s digital transformation journey. How do we see the role of the CISO evolving, and for that matter that of the CIO?

Welcome to PodChats for FutureCISO. In today’s episode are joined by Abdulla Al Attas, head of cyber security, Plus Malaysia.

PodChats for FutureCISO: The responsibility of leadership in cyber security and IT

1.       If we look back at 2020 and 2021, security firms and analysts noted an increase in cybersecurity breaches/incidents. Despite the importance given to cybersecurity what are organizations doing wrong?

2.       In 2022, to what degree is cybersecurity given importance at the C-Suite and Board level?

a.       How is this ‘importance’ realised in terms of investments in time and resource?

3.       Given that organisations continue to be targeted by criminal elements, does this mean that organisations and its leadership are not doing enough? Or doing it wrong?

4.       To give it the importance it deserves, how should leadership and the board approach cybersecurity?

5.       What questions should the board be asking itself, the C-suite, the CISO-CIO when it comes to cybersecurity in 2022?

6.       What will be important to the CISO in 2022?

7.       What do you see challenges facing CISO in 2022?