Page 104 - Cyber Defense eMagazine June 2020 Edition
P. 104

As well as adding to the CISO’s job description, the rise of cyber crime has also put the role under
            increasing scrutiny. It’s easy to see why, as research shows that most CISOs and the entire C-Suite
            believe the CISO is ultimately responsible for responding to a data breach on behalf of the organization.
            With numerous day-to-day responsibilities, many organizations have decided to add another role into the
            mix to give the CISO a helping hand. This is where the Chief Cybercrime Officer (CCO) comes in.



            Say hello to the CCO


            The  CCO’s  role  involves  ensuring  the  organization  is  cyber-ready.  They  bear  the  responsibility  of
            mitigating breaches, taking the lead if a breach does occur and providing the necessary link between the
            Board  and  the  rest  of  the  company  to  reduce  risk  and  work  cohesively  to  resolve  problems
            instantaneously. This role should ease the load on the CISO and ensure the organization can get one
            step ahead of hackers in the cyber crime race. However, organizations must take into account the need
            for both the CISO and CCO to work in tandem, which involves ensuring each role is clearly defined and
            has full support from the Board.




            CISO and CCO working together

            The CISO and CCO share a common goal of keeping the company’s data safe from cyber threats. Yet,
            the definition of what each role entails might be different for each organization. While the CCO will be
            focused on the system architecture, the CISO will be focused on the security of the information within the
            organization.  With  this  defined,  there  should  be  no  reason  that  both  roles  can’t  work  collaboratively
            towards keeping the organization and its data safe.

            With both roles working in harmony, the next step that organizations need to take is ensuring the CISO
            and  the  CCO  have  enough  influence  with  the  Board  to  make  critical  decisions  and  resolve  issues
            immediately. To do this, the Board should have full visibility of the entire cyber security strategy, which
            should be regularly reviewed and updated in line with new threats and intelligence. From this, the CCO
            and CISO can be given the responsibility to report and respond to incidents and make rapid decisions on
            behalf  of  the  business.  This  is  essential  as,  in  the  event  of  a  data  breach,  removing  unnecessary
            authorization steps ensures that the organization can respond quickly and put remediating measures in
            place to minimize potentially catastrophic repercussions.

            Cyber security threats are increasing day by day and these threats can’t be ignored. Organizations must
            consider what the most effective structure is that will enable decisions to be made quickly and that will
            leave space for both the CISO and CCO to work in tandem.













            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         104
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   99   100   101   102   103   104   105   106   107   108   109