Are there certain pitfalls of a technical nature that companies should avoid when building a security infrastructure?
From a technical perspective, security is still an extremely complex job. That leads to two things. First you need expertise. This means it will be harder to scale the organization because of the scarcity of security expertise. That’s the major technical pitfall getting the necessary talent or leveraging the limited talent that you have access to. I’ve talked to many CISOs (chief information security officer) who have nabbed resources from other parts of the organization, who are not deeply trained in security. By using security “experts,” they’re able to train these others to perform a number of security roles. So you can co-opt resources from the business units and then bring all those resources together in a sort of dotted-line matrix style of management to bring together the necessary functions. Q: What is the difference between the role of a CIO and that of a CISO? A: The CIO’s role is more about making sure that the IT infrastructure meets the overall business needs at the lowest
Related Questions
- My property does not currently meet building codes - to bring it up to code may mean that certain historic features are sacrificed. Would the project still qualify?
- What happens if I cannot meet the requirements of certain Regulations because of the nature of the construction or the existing design of my building?
- What are the best technical security training companies in UK?
