Leading auditing and compliance initiatives
A CISO and the organization's security team are tasked with leading audits of the company's security controls and with ensuring that the company complies with the security standards and regulations that govern its operations. Auditing includes a thorough review of the company's security assets to confirm that they actually do what they are supposed to do, not merely that they are installed. It also includes taking an inventory of all of the company's infrastructure and information assets, since an attack surface cannot be assessed for systems nobody knows exist. Finally, the audit verifies that software is up to date with the latest security patches, which reduces the company's exposure to known, already-exploitable vulnerabilities.
We have touched on how CISOs lead auditing and compliance initiatives. The next section gives examples of some of the IT components that CISOs seek to confirm are functioning properly and contributing to the company's security posture.
Anti-malware and anti-spyware software
Anti-malware and anti-spyware software, together with firewalls, are basic components of defending a system against cyber-attacks. They are not sufficient on their own and must be complemented by other controls, but they are effective against simple and common attacks. Malware remains one of the most common vectors that attackers use to gain an initial foothold in a system. Anti-malware and anti-spyware software help an organization protect its systems and information assets from many external threats; for internet-facing assets in particular, they reduce the risk of malicious code reaching and running on the system.
An audit carried out by the security team verifies that these anti-malware programs, as well as the firewalls, are running, configured as intended, and up to date. Keeping the software current ensures that new malware definitions have been added to its database, so that the system can recognize newer malicious programs that attackers may use; a scanner whose definitions are weeks old offers little protection against current campaigns.
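The kind of check the audit just described would run over collected endpoint data, as an added example that is not part of the original text. It assumes that each endpoint's protection status has already been gathered into a record with the hypothetical fields shown in the dataclass, and that the policy thresholds (definitions no older than 3 days, patches no older than 30 days) are this organization's own; the sample records are constructed for illustration.

```python
"""Audit check for endpoint anti-malware and patch status (added example).

Assumes status has already been collected from each endpoint into an
EndpointStatus record; the field names and policy thresholds are assumptions
chosen for this example, not taken from any product or standard.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Optional

# Assumed policy thresholds for this organization.
MAX_DEFINITION_AGE = timedelta(days=3)
MAX_PATCH_AGE = timedelta(days=30)


@dataclass
class EndpointStatus:
    host: str
    av_running: bool                 # is the anti-malware service running?
    realtime_protection: bool        # is on-access scanning enabled?
    definitions_updated: Optional[date]   # date of last definition update
    last_patch_installed: Optional[date]  # date of last OS/security patch


def audit_endpoint(ep: EndpointStatus, today: date) -> List[str]:
    """Return a list of findings for one endpoint; empty means compliant."""
    findings: List[str] = []

    if not ep.av_running:
        # If the service is down, the real-time flag is meaningless; report once.
        findings.append("anti-malware service not running")
    elif not ep.realtime_protection:
        findings.append("real-time protection disabled")

    if ep.definitions_updated is None:
        findings.append("no malware definition update recorded")
    elif ep.definitions_updated > today:
        # A timestamp in the future usually means clock skew or a tampered
        # report; treat it as a finding rather than as "fresh".
        findings.append("definition timestamp is in the future (clock skew?)")
    else:
        age = today - ep.definitions_updated
        if age > MAX_DEFINITION_AGE:
            findings.append(
                f"malware definitions {age.days} days old "
                f"(limit {MAX_DEFINITION_AGE.days})"
            )

    if ep.last_patch_installed is None:
        findings.append("no patch installation recorded")
    elif today - ep.last_patch_installed > MAX_PATCH_AGE:
        days = (today - ep.last_patch_installed).days
        findings.append(f"last patch {days} days ago (limit {MAX_PATCH_AGE.days})")

    return findings


def audit_fleet(endpoints: List[EndpointStatus], today: date) -> Dict[str, List[str]]:
    """Map each non-compliant host to its findings; compliant hosts are omitted."""
    results: Dict[str, List[str]] = {}
    for ep in endpoints:
        findings = audit_endpoint(ep, today)
        if findings:
            results[ep.host] = findings
    return results


# Constructed sample data (hypothetical hosts) and a fixed audit date.
AUDIT_DATE = date(2024, 3, 10)
SAMPLE_FLEET = [
    EndpointStatus("web-01", True, True, date(2024, 3, 9), date(2024, 2, 20)),
    EndpointStatus("web-02", True, False, date(2024, 2, 1), date(2024, 1, 1)),
    EndpointStatus("db-01", False, False, None, date(2024, 3, 1)),
    EndpointStatus("hr-03", True, True, date(2024, 3, 12), date(2024, 3, 5)),
]

if __name__ == "__main__":
    for host, findings in audit_fleet(SAMPLE_FLEET, AUDIT_DATE).items():
        print(host)
        for f in findings:
            print(f"  - {f}")
```

A current definition date only proves that updates were downloaded; the audit should pair this inventory check with a functional test that the engine actually flags a harmless test sample on each host, and should note any host that is missing from the collected data altogether, since an endpoint that never reports is the one most likely to be unprotected.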
Having covered the role of anti-malware software in an IT system, the next section addresses how CISOs ensure compliance with international regulations.
Compliance with international regulations
Modern companies are subject to many regulations created to protect consumers, and firms themselves, from the misuse and compromise of data. Many firms collect data from their customers in order to deliver their services and to improve their products. Without oversight, however, firms have been known to misuse this information. Governments have therefore stepped in to require that data collection be done in a regulated manner: the data collected may be used only for the purposes for which it was collected, users must be informed of all of those purposes, and in many cases users must give their consent before a firm may use their data. Most of the regulations a CISO deals with concern the collection and use of consumer data.
Examples of regulations and regulatory bodies
Two regulations that affect many companies' operations are GDPR and HIPAA. GDPR stands for the General Data Protection Regulation, a statute enacted by the European Union (EU) to protect individuals in the EU from exploitation by companies that collect, use, and store their personal data. Any company that processes the personal data of individuals in the EU is required to adhere to its rules, regardless of whether the company itself operates within the EU. HIPAA, on the other hand, stands for the Health Insurance Portability and Accountability Act, a United States (US) statute created to protect health information. Its rules apply to the organizations that handle such information directly (health plans, healthcare providers, and clearinghouses) and to their business associates, the firms that handle the information on their behalf. These two are among the many regulations that affect company operations globally, and modern firms must ensure that they comply with them; that task falls to the CISO and their team.
Consequences of non-compliance
Failure to comply with these laws and regulations can jeopardize a company's existence: it may be barred from operating, fined heavily, or both. Organizations that handle health information governed by HIPAA face civil monetary penalties for violations and, in serious cases, criminal charges against the individuals responsible. Firms governed by GDPR face fines of up to 20 million euros or 4% of annual worldwide turnover, whichever is higher, which for a large company can amount to hundreds of millions of US dollars. Compliance with many of these laws is achieved through concrete security measures, such as storing data securely so that it is protected from breaches. By implementing those measures, the firm not only satisfies the regulator but also protects itself from successful attacks that could threaten the continuity of its operations.
We have now addressed the CISO's role in auditing the company to ensure security and compliance with laws and regulations. The following section covers their role in managing the organization's various information security initiatives.