
Five Cybersecurity Resolutions CISOs Can Actually Keep In 2023


Christopher Prewitt is CTO at Inversion6, responsible for helping develop security-related products and services for customers.

Like determined gym-goers, IT practitioners often start the new year determined to get their house in order. Quickly, they become enamored with new technology, get distracted by new emergencies or are simply buried under a mountain of bureaucracy.

That’s why you should start off 2023 with this list of five realistic resolutions aimed at helping you end the never-ending cycle of “maybe next year.”

1. Stay up to date on trends and technologies.

We all hear about the big new zero days, but unless you’re paying attention, it’s easy to miss an obscure new feature in Azure AD that could help you prevent MFA fatigue. As a CISO, it’s important to keep your finger on the pulse to ensure the security of your organization.

Whether you attend an industry conference, subscribe to some relevant publications or simply follow a few thought leaders on social media, take a moment in January to carve out dedicated time on your calendar to stay caught up with the latest and greatest.

2. Broaden the scope of your strategy.

A comprehensive cybersecurity strategy should cover all aspects of your organization’s security posture, including risk management, incident response and employee training. Unfortunately, cybersecurity strategies tend to narrow in scope over time, even as organizations change and grow around them.

Good strategy factors in not only where the business is, but where it’s going and what potential risks may lie on the horizon. Before the year gets rolling, take the time to review and update your strategy to ensure it aligns with your organization’s ever-evolving needs.

3. Strengthen your culture of security.

Even the best cybersecurity tactics can be decimated by a culture that doesn’t value or prioritize good security habits. But a culture of security is about more than strong passwords or healthy skepticism for strange hyperlinks and fishy attachments.

If cybersecurity is truly everyone’s responsibility, then everyone should feel empowered to get involved. Don’t wait for Cybersecurity Awareness Month to talk to them. Set the tone in January by encouraging data creators and others who manage data to ask questions and interact with those who are tasked with protecting their information.

4. Schedule recurring security assessments.

This industry moves quickly, and the only true way to gauge the real-time security of your organization’s systems, networks and data against vulnerabilities is to test them.

Start your 2023 by scheduling out your important internal assessments for the year—from vulnerability scans and penetration tests to quarterly access reviews, annual recovery exercises and weekly threat intel reviews. Stick to the schedule and you’ll be rewarded with valuable intel on how well you are operationally managing risks.

5. Nurture your important internal partnerships.

Let’s be honest. Outside the CISO, there are few C-Suite leaders who care much about IT and even fewer who care about IT security. The only way to make cybersecurity a long-term priority in most organizations is to build stronger partnerships at the top.

Early in the year, examine how you can be a helpful, transparent partner to the rest of executive leadership. Yes, it’s your job to reduce risk, but create too many hardships along the way, and they’ll spend most of their time finding “workarounds” that make your job even harder. On the flip side, show them how your work can make their life easier, and they’ll be there for you when it counts.

It’s easy to scoff at the big New Year’s resolutions we don’t keep. But the new year really does offer an important opportunity to set the tone for the year to come. Make the time to start your 2023 off right and it will pay dividends by next December.


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives.

