What's Cyber Resilience? The CIO, CTO and CISO Need to Agree
LevelBlue's Theresa Lanowitz on C-Suite Survey, Accelerators for Better Resilience
The security of a large enterprise starts at the top, but members of the C-suite often have conflicting priorities and a lack of understanding about the role their part of the organization plays in keeping the business running, said Theresa Lanowitz, chief evangelist at LevelBlue.
"Take, for example, budgets," said Lanowitz, citing LevelBlue's new C-suite Accelerator survey of 1,050 executives in 18 countries. "The cybersecurity budget is largely reactive because even after all these years, cybersecurity is still siloed. It's underfunded, and it's largely an afterthought."
C-suite executives can't even agree on the definition of cyber resilience and the need to prevent massive disruption of the business - either through a cyberattack or a natural disaster. Most executives assume cyber resilience is the same as cybersecurity - and that the CISO is wholly responsible for it.
"The whole business doesn't look at it equally and apply equal importance to it. That, quite honestly, is why the CIO, CTO and the CISO need to work together to form that united front," she said.
In this video interview with Information Security Media Group at Black Hat 2024, Lanowitz also discussed:
- The state of cyber resiliency in enterprises today;
- The roles of various members of the C-suite related to cybersecurity;
- Steps to take to make cyber resilience a "whole of organization" issue.
Lanowitz is responsible for promoting LevelBlue's vision and services and engaging with clients to share insights on emerging cybersecurity trends. She is a thought leader in trends and emerging technology and has more than 30 years of experience. She previously worked as an industry analyst with Voke and Gartner.