• About
  • Subscribe
  • Contact
Friday, May 9, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

PodChats for FutureCISO: Top challenges for CISOs and security pros in 2022

Allan Tan by Allan Tan
April 13, 2022
PodChats for FutureCISO: Top challenges for CISOs and security pros in 2022

PodChats for FutureCISO: Top challenges for CISOs and security pros in 2022

Peter Firstbrook

Death and taxes are said to be life’s only two certainties. As organisations continue their digital transformation journey, you can add the certainty of an expanding cyber threat landscape and the unrelenting barrage of attacks that come with it.

Peter Firstbrook, Gartner research vice president, says “The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise — all while dealing with a shortage of skilled security staff.”

Mark du Plessis

According to Mark du Plessis, managing director and Security lead for Southeast Asia at Accenture, the CISO role is evolving.

“Increasingly, they are finding themselves moving away from traditionally only dealing with IT to now becoming a business advisor on operations as well. Within the region, we are seeing cyber champions, or mature organisations typically in FSI or public sector industries, being the ones whose CISOs have been responding well to taking on a more business-centric position,” he elaborated.

He cited Accenture’s 2021 State of Cyber Resilience report which found that Singapore saw an 89% spike in attacks per company, a worrying reflection of the rampant cybercriminal activities plaguing businesses in a hyperconnected climate.

Key cybersecurity trends and challenges

Drawing from the Accenture report, du Plessis is adamant that ransomware is the number one killer, and our cyber threat intelligence report shows a 107% increase in attacks YoY. Cloud-centric and supply chain attacks are also on the rise and will continue to plague organisations unless there is an industry-wide change in cybersecurity standards.

“Organisations are also facing difficulties in attracting and retaining cyber talent due to a hot market. Cybersecurity cultural awareness too is ranking high on business agendas and will become a greater priority in the future,” he added.

Impact on current security strategies and posture

Asked about the implication of these challenges to CISOs, du Plessis observes the rise of two types of companies addressing these challenges. The first is the traditional mature cyber champion company, which continues to invest progressively in security and maintains cyber hygiene.

“The other type, which we’re seeing a lot now, is cyber risk-takers. These are usually start-ups that are consciously deciding to undertake a higher level of risk so that they can go to market quickly. These companies are normally looking at automation and service providers as they have a lean CISO team,” he continued.

Make-up of CISO team

According to du Plessis, traditionally, a one-person CISO team would have focused primarily on cyber risk and governance. “If your company only has a small budget, that’s what you would go for by keeping control over what you can,” he commented.

He posited that if the budget is more abundant, the CISO team will then expand to include personnel who handle the business and operational aspects, architectural reviews and standards, strategy on cyber direction, as well as an incident handler that monitors and responds to cyber threats.

Best practices of a sound cybersecurity strategy in 2022

  1. Cyber resiliency — Companies must accept and prepare for breaches, for business continuity, and understand how to communicate to stakeholders when hit by a cyber-attack.
  2. Engage managed service providers — organisations can engage MSPs to ensure constant monitoring and detection of threats through services like MXDR.
  3. Zero-trust — By adopting zero-trust both as a practice and mentality, frees up the business to focus on other core competencies.
  4. Cyber hygiene — Consistent and continuous maintenance can eliminate vulnerabilities.

Addressing the security talent shortage

Like many parts of the world, technical talent is a shortage, more so in developing markets. This is particularly acute around cybersecurity talent.

The report, The Life and Times of Cybersecurity Professionals 2021, noted that among the 489 cybersecurity professionals surveyed, the top ramifications of the skills shortage include an increased workload for the cybersecurity team (62%), unfilled open job requisitions (38%), and high burnout among staff (38%).

According to 95% of respondents, the cybersecurity skills shortage and its associated impacts have not improved over the past few years and 44% say it has only gotten worse.

Accenture’s du Plessis says organisations can mitigate this through reskilling their employees via cyber training programmes. He believed that it is also important to invest in and nurture the younger generation for they will constitute the future workforce.

“The best cyber leaders are those who practice servant leadership. The key to retaining talent lies in giving them a mission, and the better CISOs can raise up their team while always maintaining the mentality that they are here to serve their team,” he added.

Guide for CISOs in 2022

Asked for one key piece of advice for CISOs in 2022 to help guide him or her in tackling the role, du Plessis instead offers three factors to consider:

  1. Capturing the strategic picture of cybersecurity in the business so that executives understand how it fits into the business
  2. Speaking the business-relevant language of the board and the C-suites for efficient communication on the cybersecurity agenda
  3. Building cyber muscle memory for C-suites through attendance at cyber events so that they are familiar with the space

Click on the PodChat player to listen to the details of the dialogue with du Plessis.

  1. Looking back (2020-2021), what has been the single biggest challenge for the CISO and security team? How have they responded to this challenge?
  2. Are CISOs in Asia able to adapt to talking in business terms to the CEO and the Board?
  3. What are the key cybersecurity trends and challenges that organisations are currently facing (2022)?
  4. What are the implications of these challenges for CISOs and how does this affect the company’s security strategy and posture?
  5. What are some best practices or must-haves that constitute a sound cybersecurity strategy in 2022?
  6. What is the one piece of advice for the CISO in 2022 to help guide him or her in tackling the role?
Related:  PodChats for FutureCIO: Containing the cyber contagion in ASEAN healthcare
Tags: AccentureCISOcybersecurityFutureCISOGartnerPodchatstalent shortage
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • APAC CIOs rethink cybersecurity investments amid expanding threat landscape
  • Study finds almost half of businesses bank on AI-enabled cybersecurity for EDR and XDR
  • AI drives cloud market growth in Q1
  • ARTHALAND chooses OutSystems to advance real estate sustainability
  • Experts warn against AI-powered deepfake impersonation scams

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe