Top reasons for CSOs to give thanks

The battle for cyber security never ends. But amid those constant challenges, several security pros take a few moments to reflect on good reasons to be grateful.

pumpkin pie

The job of a Chief Security Officer (CSO) is one of constant pressure. As they are reminded daily, they can be successful in defending their organization 99 percent of the time, and that won’t be enough. For the bad guys, being successful 1 percent of the time is good – and profitable – enough.

Still, amid all that pressure, several of those in charge of keeping their organizations paused this week to give reasons to give thanks.

And it is worth a pause from those they protect to give thanks to them.

Peter Chronis, CSO at Earthlink

peter chronis

Peter Chronis, CSO, Earthlink

I'm thankful that:

We’ve heard a lot about recent high-profile discoveries like Heartbleed, Shellshock and Poodle, but this broader body of work is critical intelligence used every day to manage threats and reduce security risks.

Here’s the raw data to support these statistics from the National Vulnerability Database, which is a repository of all security software vulnerabilities.

Year Matches Total Percentage

2012 5,288 5,288 100.00%

2013 5,186 5,186 100.00%

2014 7,083 7,083 100.00%

Kim Jones, senior vice president and CSO, Vantiv

kim jones

Kim Jones, senior vice president and CSO, Vantiv

Job-wise, there is only one thing that I am consistently thankful for, and that is my team. I am blessed and privileged to work with some of the finest security professionals in the nation.

This is not just because of the plethora of skills that they bring to the table, but the dedication to the mission and the cause. This does NOT mean working 24 hours a day, seven days a week (though we all do that when necessary), but a uniform focus on making things better, enabling the business, being mutually supportive...and having fun.

I have often said that my motivation for getting up in the morning and doing what I do is the single mom shopping retail. Think about it for a second: She's working 2-3 jobs, making ends meet. She is stretched but her kids are clean and their bellies are full.

It's shopping day, she clips her coupons and buys what's needed, then she goes to the counter to pay and her card is declined because either (a) my systems have been hacked and are down or (b) my systems have been hacked and someone has stolen her hard-earned money.

I get up every day and go to work to prevent that from happening...and I find myself surrounded by people who feel the same way. It gives me great hope that we'll succeed.

Rick Vadgama, director, IT Security & Risk Management at Cimpress, parent company to Vistaprint, Drukwerkdeal, Albelli and Pixartprinting

rick vadgama

Rick Vadgama, director, IT Security & Risk Management, Cimpress

I’m thankful for:

1. Anti-malware and other security companies evolving to
adopt the "kill chain" model.

2. Heightened visibility within the organization on the
importance of security and why cybersecurity is now a persistent business risk.

3. Security-as-a-Service providers, where they are staffed
24x7 with real security analysts to ensure we do not miss important alerts.

4. Security tools and systems offering APIs to support security
automation, event correlation, and visualization initiatives.

5. The Open PCI DSS Scoping toolkit, which brings clarity to
PCI DSS information security standards.

6. Retail groups from across the U.S. sending a letter to congressional
leaders urging them to pass federal data protection legislation that sets clear
rules for businesses serving consumers.

SUBSCRIBE! Get the best of CSO delivered to your email inbox.