Cybersecurity is not just a tech issue but a business problem too
A concerning number of South African companies are not prepared for the inevitability of a cyberattack despite the significant financial and reputational risks. Too few senior managers view cybersecurity as a business problem and not just a technology problem. The reality is cybersecurity is very much a business consideration.
Cybersecurity is a business-wide risk it requires more than isolated activities to be addressed. This is where the role of a Chief Information Security Officer (CISO) is important.
The CISO therefore needs to have technical and security skills and competencies, but equally as important, should understand the finance function, operations of the business, and have the business as well as communication skills to effectively create this span.
While large corporations are more likely to have the resources to fill the CISO role, businesses below the corporate level may not. In such instances, an outsourced or CISO-as-a-service offering could add immense value.
