I’ve spent a good amount of time speaking with CISOs over the past month and plan to write up a report about what I’m learning sometime after the RSA Security Conference.
In the meantime, it’s become crystal clear to me that CISOs are becoming more and more proactive in their jobs in a few areas, including the following:
1. Threat intelligence
In the distant past, most organizations really didn’t believe they were potential targets for cyber attacks. Yes, CISOs were responsible for building adequate defenses, but this job was seen as a purely technical endeavor. At that time, hackers were hackers — outside of Ft. Mead, few cybersecurity pros distinguished between cyber criminals and state-sponsored actors.