govciooutlook
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
DECEMBER - 2020 19GOVERNMENT CIO OUTLOOKTrust: The Key to Achieving Security Goalsnce upon a time, the Swedish banks ran an operation where the only way to serve customers were through branches. Customers got their loans and their cash in the branch. To improve access to cash--ATMs were delivered, and in the late 1990s, the first internet services were launched. Ten years later, Apple released the iPhone, and the mobile era took off, and the situation today is totally different ­ banking customers now choose when, where, and how they want to fulfil their financial needs, on mobile devices, and in real-time. This is obviously having a huge impact on the financial industry, but it also has an impact on security. In the past, security was about physical protection of staff and cash. IT-security initially had the same positioning--to protect, but this is changing; protection together with detect and respond is still key, but security is starting to be seen as a business enabler - to deliver business value. This ties well into the changing role as a CISO. I am in my fourth year as a CISO at Handelsbanken, a bank with its roots in Sweden, and now define six countries as home markets. The expectations on me as a CISO have changed a lot since I took on this role. Initially, it was about overseeing and implementing a cybersecurity program, an understanding of the key security solutions and the go to person to handle a cyber crisis. This is still the case, but soon there was an expectancy to provide senior management with the current cyber risk exposure, threat intelligence should be embraced and now it is about becoming a business enabler. So How to Become a Business Enabler?First of all, there are no short-cuts - if you are in a sector where cybersecurity is prioritized, you need a security organization working in a structured way, and you need an active Threat Intelligence (TI) function to understand what you are up against. How this is organized, that is, in-house, outsourced, or a hybrid, is up to you.With this as a foundation, let us turn to become a business enabler.My recommended starting point is to ensure that your high-level security goals are aligned and contribute to the corporate goals. The key challenge is to find the correct language, the words that appeal to upper management. One OErik Blomberg, Senior Vice President, CISO, Handelsbanken [STO: SHB-A]ByINSIGHTSCXO
< Page 9 | Page 11 >