Everyone's counting on them. Sometimes they get all the blame. They pay well, but they're not high in the hierarchy. Their role is pivotal. But they just can't afford to do the most miserable job in business.
As a digital security officer in a hospital system, Chad Cliver faced so stressful working conditions that his hair greyed and began to fall. During his professional course, he experienced panic attacks, caused by stress at work. His everyday life was accompanied by phone calls at any time, to deal with interruptions in computer systems or compliance problems with the HIPAA Act. At the same time, he needed to send messages to colleagues even during his absence on leave.
She remembers waking up at 3:00 a.m. from a call from a rural hospital doctor due to an Internet shutdown. The doctor was unable to send scan results to a radiologist and reported features: «I don't know whether to transport the patient by helicopter or send him home.»As the top and only security officer, Cliver was responsible.
They leave as soon as possible.
Excessive anxiety significantly burdenes CISO (head of intelligence security / Chief Information Security Officer), increasing resignation rates, notes Bussiness Insider. The usual term in this position lasts just 18 to 26 months, unlike the nearly five years that apply to other administrative roles, according to what results from the data from the report of the Research Society Ventures.
In addition, half of CISOs consider the work volume to be unmanageable. Nearly 70% declares open to a change of position or even to a complete abandonment of their role within the following year, based on the IANS security investigation company's report.
All... on them and obligations that keep growing
This role bridges the complex, technical side of a company with its business goals, from financial data to human resources and daily operations.
The role of security chiefs has swelled over the past three decades. They are now required to respond to an increasing list of regulatory obligations and present evidence to board members who rarely understand technological terminology.
At the same time, they are called upon to combat the increasing threats of artificial intelligence, while using its potential to improve efficiency. They face all of this while having personal responsibility for any security violations.
Lack of qualified staff
Therefore, it is fully explained that the heads of security of operations have reached their limits. CISOs in large companies are under intense pressure, while there is a lack of qualified staff to meet the needs of small and medium-sized companies.
According to Cybersecurity Ventures estimates, losses from cybercrime are expected to double and reach from $6 trillion in 2021 to $12 trillion in 2031. This development means that more risks need to be avoided.
CISOs are invited to take on an operational, strategic role and role of human administration, while managing business risk, according to Martin Whitworth, a retired CISO says. This situation is sufficient to exhaust anyone.
Employment patterns
The first CISO was appointed in the mid-1990s to Citicorp. This position was created in response to cyberattack (hack). Today, about 35,000 people work in this position, often occupying lower levels in the upper hierarchy of businesses. Some companies, usually smaller or newly created (startups), employ CISO with part-time status to meet needs in multiple organisations. Other businesses use external, digital CISO (virtual CISO), which are ready to provide support.
Finally... «Your opinion doesn't have the same gravity.»
Η συγκεκριμένη εργασία ξεκίνησε με κύρια ευθύνη την άμυνα απέναντι σε ψηφιακές απειλές. Κατά τα τελευταία έτη όμως, οι αρμοδιότητες αυξήθηκαν σημαντικά, ακολουθώντας τη ραγδαία άνοδο των κινδύνων στον κυβερνοχώρο, χωρίς οι διαθέσιμοι πόροι να συμβαδίζουν πάντα με τις ανάγκες .
«Τα προσόντα που μας εξασφαλίζουν τη συμμετοχή στις συζητήσεις των στελεχών δεν εγγυώνται απαραίτητα και αποτελέσματα», αναφέρει ο Τζο Σίλβα, πρώην CISO και νυν Διευθύνων Σύμβουλος της εταιρείας ασφάλειας Spektion. «Ή, συμμετέχεις μεν στις συζητήσεις, αλλά διαπιστώνεις ότι η γνώμη σου δεν έχει την ίδια βαρύτητα». Η κατάσταση αυτή οφείλεται στο γεγονός ότι οι CISO βρίσκονται συνήθως χαμηλότερα στην ιεραρχία, κάτω από κορυφαία διοικητικά στελέχη, όπως οι Διευθύνοντες Σύμβουλοι (CEOs).
«Όλοι θέλουν να ρίξουν το φταίξιμο στον CISO»
Έρευνα του 2024 σε 500 CISO παγκοσμίως από την εταιρεία κυβερνοασφάλειας Trellix διαπίστωσε ότι το 72% των ερωτηθέντων ανησυχεί για το επαγγελματικό του μέλλον στη θέση αυτή. Η ανησυχία οφείλεται στις αυξανόμενες ευθύνες, όπως οι κανονιστικές υποχρεώσεις (που εκτείνονται από το απόρρητο στην υγεία, βάσει του HIPAA, έως τον χρηματοπιστωτικό κλάδο), αλλά και στον διογκούμενο καθημερινό φόρτο εργασίας για την εφαρμογή μέτρων ασφαλείας. «Όλοι θέλουν να ρίξουν το φταίξιμο στον CISO», επισημαίνει ο Ρον Γκριν, πρώην επικεφαλής ασφαλείας της Mastercard.
Και όταν αποχωρούν, συνήθως διαταράσσεταη λειτουργία της ομάδας πληροφορικής. Συχνά δεν υπάρχει κατάλληλα προετοιμασμένος αντικαταστάτης για να αναλάβει τον συγκεκριμένο ρόλο. «Πολλοί από τους υφισταμένους δεν έχουν επαρκή εμπειρία»”, επισημαίνει ο Σίλβα. «Κατά συνέπεια, το επίπεδο ασφάλειας μπορεί να υποβαθμιστεί».
naftemporiki. gr
preferred source on Google
To show more articles by Maritime in your searches easily and quickly, you must add the site to your preferred sources. You can do it by going Here..
