Virtual CISO: Solving cybersecurity growing pains?

Share on facebook
Share on google
Share on twitter
Share on linkedin
Time to Read: 3 minutes

There comes a time in every company's life when events force management to take a new look at how they handle IT. In some cases, it is simply that they realise the current situation is holding them back, risks are being taken and mistakes made. For others, it will be their success, where it becomes necessary to have greater and more dedicated resource allocated to IT

One of the key drivers for hitting that crossroad is certainly IT security – and usually on the back of a series of near misses or a confirmed attack of some kind, whether a virus, hack or data breach.  The pain and reputational damage experienced after such an incident is lasting and something most companies want to move quickly to avoid happening again. A 2019 Ponemon Institute research report revealed that a data breach results in abnormal customer turnover of 3.9% on average. Indeed, the financial consequences of customer attrition comprise the majority (36%) of the total cost of a data breach. However, organisations with an incident response team minimise this cost by an average of $370,000. Organisations with a senior-level leader, such as a Chief Information Security Officer, directing initiatives that improve customer trust helps retain customers, consequently reducing the cost of a breach.

The outsourcing itch

The problem is that building an IT team, and specifically a cybersecurity team, takes time, money and dedication. Great people with extensive industry experience are in short supply, top Chief Information Security Officers (CISOs) are expensive, and even if they can join your company it might be six months before they can start. Even once they are through the door, the process of assessing the cybersecurity posture of the company, planning and implementing changes, or indeed hiring and training staff, can take months.

Related Article  2020 marked a "turning point" for Cybersecurity in Australia

For some, deciding to outsource all IT operations has helped overcome some of the key problems with building a team. However, it is not a realistic option for companies that are large enough and lucky enough to already have a good IT team, or those that are growing, but lack the ability to make the kind of financial investments for a dedicated CISO. 

Outsourcing IT wholesale has its risks too. In the case of security, it simply becomes one of the many tasks an external team needs to get through in the limited time that they have, in much the same way as an internal IT team would struggle. Sure, they will check all the essential firewall and other configurations are in place and maintain systems – but those are purely fundamental tasks. In the long-run this is ineffective and can lead to a false sense of security.

It doesn’t need to be all or nothing

For large and growing companies, a much more strategic approach is needed towards cybersecurity.  One that encompasses current needs, the strategic direction of the company, as well as the evolving threat and technology landscape.

A different way to approach the challenge of gaining immediate access to an experienced CISO that can offer the support a company needs to rapidly improve their security posture, is hiring a virtual CISO. This is an individual with decades of industry experience that a company can use to enhance and advise its internal IT team, without needing to find, wait and pay for, an expensive CISO to join the company. 

Related Article  New Age Cars are Vulnerable to Cyberattacks, Highlights a Report

Some companies use virtual CISOs as an external risk auditing resource, whereas others will take advantage of their industry experience to assess technology for mitigating future threats and build an implementation roadmap that aligns with the future goals of the company.

For some, the idea of being tied to external outsourcing companies is an uncomfortable one, but the role of virtual CISO is really one of a trusted advisor. Whilst they can of course play an active role in the implementation of technology and running cybersecurity operations, their key benefit is their experience and strategic insight. For many companies this is used as a bridging mechanism, a way to deal with their immediate security needs, but using the virtual CISO’s experience to build the internal team, processes and resources that will eventually replace them. Even acting as part of the selection and interview process for their direct replacement.

A CISO worth considering

Whatever has led a company to the position where it knows it must up its cybersecurity game – speed and strategy are of the essence. The virtual CISO can be a role that enables both, without being a long-term investment. It can remove complexity and that ‘rabbit in the headlights’ feeling, buying a company time to make more considered and strategic decisions, whilst rapidly and cost effectively solidifying its stance on cybersecurity. It’s a different approach worthy of consideration when cybersecurity is forced to the top of the IT and boardroom agenda.

Leave a Reply

RSS Latest Technology News

  • Spacefarer Ariana Grande outfit now available in Fortnite October 22, 2021
    Fortnite's collaboration with pop star Ariana Grande continues with yet another outfit inspired by her being added to the game today. Available in the Fortnite store today is Spacefarer Ariana Grande, a distinctly different skin to the Ariana Grande ...
    Ryan Galloway
  • Twitter is finally letting everyone create Spaces October 21, 2021
    The Spaces team sent out a tweet to announce the change, noting that users on both Android and iOS will now be able to host Spaces. It also offers a GIF that briefly refreshes users on how to host a Space, in case you've forgotten after all these months.
    Emma Roth
  • Microsoft fixes Windows 11 AMD CPU performance issues with new update October 21, 2021
    This new Windows 11 update also includes a large amount of fixes, including one to solve an issue that prevents the Start menu from opening after your OS upgrade, and fixes to input delays for certain Bluetooth mice and keyboards. You can find the full ...
    Tom Warren


Follow Us

Virtual CISO: Solving cybersecurity growing pains?

by Puneet Time to Read: 3 min
AI Tool to Reshape Treatment by Predicting Cell Behaviors
Get to know the latest updates on exponential technologies, new age industry segments with our weekly XTechalpha Xclusive newsletter straight in your mailbox.