Creating Capacity As CISO: Partnering with the Business for Reduced Risk, Improved Security and Greater Resource

Jason Halls

Chief Information Security Officer at The Institute of Cancer Research

Learning Objectives

More than ever, businesses are going through different stages of digital transformation and dealing with disparate security maturity levels. However, all these situations have something in common: it is first and foremost a question of company culture. The constant and endless evolution of cyberattacks presents real and existential threats to businesses. This dynamic - and costly - reality means that technology alone cannot drive cybersecurity maturity and demands that we increase capacity through awareness. During this session we will consider how to create diverse security cultures.

Key Takeaways:

  • Who to engage with first when choosing your business stakeholders?

  • How to prioritise and what to include in diverse programs for reduced risk and better manage threats?

  • Who to establish buy-in and create organisational security champions?

  • How and what to ‘delegate’ to free up the CISO to search for more unforeseeable threats on the horizon?

  • COVID-19 impacts to culture and the links with business performance