The 15th e-Crime & Cybersecurity Germany
5th May 2020, Munich
Setting priorities in cybersecurity, fraud and privacy
Breaking down the silos across security and privacy is critical. Why? And how can CISOs help?
As companies increasingly recognise the strategic importance of cybersecurity, and as GDPR is now creating genuine financial and reputational risks for firms large and small, boards have been piling ever more responsibility onto CISOs and their teams, but rarely increasing resources commensurately.
The CISO can now be any or all of: project manager, policy maker, compliance officer, designer of procedures, in-depth technologist and expert on everything from threat intelligence to DNS hacks, RFPer and POCer, incident response manager, SOC manager…the list goes on.
This is not a viable or reasonable job description and it goes some way to explaining why so many CISOs are leaving the business, for vendors, to become consultants or to get out completely. CISO burnout is now a trending conversation.
And it raises a fundamental question: does the ever-growing list of CISO responsibilities indicate that companies need to re-engineer both the role and the activities it oversees? How much cybersecurity can realistically be carried out on-premises and what does that imply for teams and technologies? And how can solution providers contribute to a better outcome?
In Europe, GDPR fines have added another variable into the mix. It’s not just the size of the penalties proposed or handed out to Google, British Airways and Mariott that is changing senior management thinking, it is the realisation that the largest fines are, and will likely continue to be, related not to data breaches and pure security issues, but privacy issues around data that has not necessarily been compromised in a security sense.
So what does all this mean for cybersecurity professionals? And what does it mean more generally for information and data protection and integrity?
The 15th e-Crime & Cybersecurity Germany will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data.