For many organisations, hiring a dedicated CISO is a big step toward building a comprehensive information security programme.
However, many organisations are not ready to hire a full-time CISO but still need the strategic guidance and knowledge a traditional CISO brings to the overall security strategy.
In this video, Ashley Ferguson, Global Director of Executive Advisory Services covers the advantages of utilising the expertise of a pool of former CISOs from SecureWorks CISO Advisory Services vs. hiring a CISO to act as your strategic advisor.
I think what happens sometimes, and I don’t want to discourage people from hiring CISOs at all is when you’re there and you are physically on site, and you only work with your one client, then your view is very specific to just that one client. That’s good in some pieces, but having, just like when we go back to just the advisement pieces — it’s having that breadth of a network of individuals that can be there.
So I think for a lot of clients, it’s not just having someone physically on site that there’s constantly people coming into their office. But having the ability for that person to be on top of all of the latest information, the latest breaches out there. What we’re seeing from a client perspective, having the knowledge from our incident response engagements, having the knowledge of our Counter Threat Unit and what they’re seeing and being able to apply it specifically to that client in that industry and bringing that element of expertise in.
Versus…and it’s not necessarily for a client that has a CISO – you would go more to those advisement services of ‘Hey, I just need to get a little bit of advice.’ But for those who don’t have a CISO, and they are not ready to make that leap, it really helps for them to have the ability to reach out to someone and have them involved and understand their business. And help them to portray it in the right manner to their board and executives.