What keeps a CISO awake? An uncomfortable bed…and my third party supply chain

I’m often asked by my fellow colleagues, 'what keeps me up at night?', to which I currently reply, 'an uncomfortable bed'. For those of you who have ever had significant home renovation, I know you will sympathise. Sleeping on the sofa gets old fast – I should be back in my own bed by Christmas!

Apart from the uncomfortable bed, understanding and managing third party supply chain risk keeps me from my forty winks. Questions start running through my head as I try to count sheep – what more can I do to tackle security risk and shore up my supply chain? And are my third parties doing the same? I start jotting down notes and then think, this goes beyond security risk. What about auditing, compliance and just managing the workload and complexity of the whole process consistently?

As my fellow security professionals will attest to, complexity is one of the biggest barriers to good security. There’s a web of point solutions which have been added to existing infrastructures, not to mention the multiple ways to produce reports for different business stakeholders. Apply these things to your extended network of third and fourth parties and the process becomes even more acute.

A recent report from ClubCISO reveals that far too many organisations rely on ad hoc processes for enforcing security and on inconsistent auditing of third parties. So what’s the solution and how can we all get some sleep? Let’s combine our efforts and information across institutions and third parties. By leveraging a common shared platform, we can all benefit from managing third, fourth or even fifth party risk. After all, the exchange of information is priceless even though security vigilance means sleeping with one eye open.

If you’re interested in a chat, send me a DM or check out how we are working with institutions and third parties to manage their supply chain risk - https://bit.ly/1XtFioT.

Pasquale Mattozzi

Interested and Interesting - Sales & Marketing professional with a passion for learning, collaboration, and innovation.

8 years ago

Interesting read, Darren.

Wendy Timmins

Senior Account Executive - Trusted Cyber Security Expert. Adding value and expertise to companies seeking to strengthen their Cyber Security

8 years ago

Contacting an independent reseller is the answer. If they are any good at what they do, they will give independent advice on your network and what IT Security solutions would fit best... It is a minefield out there at the moment and difficult to make head nor tail of all the IT Security solutions available, even though I am trained constantly on a majority of them... If it is difficult for me, goodness knows how the CISOs choose the right fit for them... Maybe you should get in touch with an IT security reseller, mentioning no names.

Jay Chaudhry

CEO, Chairman & Founder at Zscaler, Inc.

8 years ago

Enjoyed your article Darren. Makes good sense.

Paul Leonhirth

Technology Risk & Security, CISO Board Advisor, CyberSecurity Executive, Investor

8 years ago

I've heard a few prominent CISOs say, when a CEO/Board Member asks, 'What keeps them up at night?'... they answer... "I sleep like a baby... wake up every hour and cry"

Emma Muncer

Director, Partner Sales at Forrester Research

8 years ago
