8 things CISOs should be thinking about, but probably aren't

CISOs need to cover all the security bases. The problem is, some of the bases are easy to overlook.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands gesture in conversation
Rawpixel / Jeff Hu / Getty Images

CISOs have plenty of issues on their minds, everything from building a secure infrastructure to blocking ransomware attacks to ensuring that internal staff doesn't misuse or steal data. With so many responsibilities and so little time, it shouldn't be surprising that even the most conscientious CISO is likely to miss at least a few critical issues.

Here's a rundown of eight often-overlooked areas that CISOs should immediately address.

1. Ensuring that third-party partners maintain strong security

Third-party partners, such as clients and service providers, are challenging to monitor yet frequently targeted by cybercriminals who are eager to broaden their attacks. Myke Lyons, CISO at data intelligence software developer Collibra, advises CISOs to work closely with their partners to ensure they're diligently following best security practices. "There's no clear-cut or simple way, but assessing vendors, libraries, third-party processes, and connectivity to providers is critical," he notes. "Governance is key."

2. Investigating innovation opportunities

To continue reading this article register now

How to choose a SIEM solution: 11 key features and considerations