Chief information security officers (CISO) might not like to have presided over a data breach, but for many organizations, CISOs with experience in managing breaches have become a priority while hiring, especially in healthcare.
As awareness of the importance of cybersecurity increases across healthcare, so has an understanding of the existence of vulnerabilities. With this, the chief information security officer (CISO) is being considered as an essential strategic leader for health organizations that are aware of the value of their data.
According to the recently released report by security firm Optiv, many health organizations are willing to and also prefer to hire a CISO who has experienced a data breach.
For most organizations, cybersecurity literacy has spread beyond the CISO rank and to most of the executive class. Preventing security breaches has become a top priority for businesses due to the significant privacy, financial, and publicity damages that they can cause. While security has been hampered due to the ‘speed of business,’ the report suggests that the higher understanding of the importance of cybersecurity has led to greater alignment between business leaders and CISOs.
Almost 60% of the firms believe that having experienced a data breach makes seasoned cybersecurity professionals more desirable as hires.
Though unpatched software is a major cause of breaches, many CISOs are generally not worried about the need to scan for vulnerabilities and patch networks. Most security leaders feel there is a need is to educate employees on proper security practices, as well as promote security with development
In the healthcare industry, cybersecurity threats have become more elaborate than ever and are inflicting even more considerable damage. Having knowledge of the most current guidelines and being able to stay a step ahead of the sophisticated cybercriminals has become increasingly valuable in executive suites.
The importance of network security is now paramount for any healthcare organization and the role of CISO will remain crucial. The Optiv report also suggests that there is a high chance of a CISO becoming a CEO, considering their ability to also understand the business demands of cybersecurity.
Experts believe that, with the rise of the data breach epidemic, as well as the imposition of comprehensive privacy regulations like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), cybersecurity has become a tier-1 business risk. This has resulted in the change in the role of the CISO. As CEOs are also being held accountable by boards for cybersecurity issues, this has elevated some CISOs to a level equal with CIOs and other C-level executives.
Though there are many organizations that keep CISOs consigned to their technical roles many have started to view the CISO as a crucial part of the next-generation digital transformation and even business initiatives, as they are well aware that security or compliance miscues can derail businesses.
Also read: What’s Next in Cybersecurity?