How the Cloud is Changing the Role of the CISO

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Experts have pointed out that the broad adoption of the cloud in business is changing the role of some IT professionals. For example, where system administrators used to manage on-prem servers to support business applications, many have parlayed those skills into cloud expertise.

That’s happening in cybersecurity too, including at the leadership level, according to Michael Piacente, an executive recruiter at the boutique talent agency Hitch Partners. Mr. Piacente has a unique perspective because he sees the evolution in the roles and responsibilities his clients are asking him to fill.

He shared this perspective in an interview for the Open Source Security Podcast with hosts Josh Bressers and Kurt Seifried. Below are our takeaways from Mr. Piacente’s interview.

1) How is the cloud changing CISO responsibilities?

Mr. Piacente said he believes the “information” part, or the “I” in CISO, is “going away from a nomenclature perspective.” Where security was once largely focused on information security, today it includes a broader category of responsibilities including and applications running in the cloud.

The cloud has facilitated software development which means there are entire businesses today that are built solely on applications in the cloud. This means the “crown jewels” of the business are also in the cloud, and so the “hygiene piece we didn’t get right in on-prem has carried over to the cloud and gotten worse.”

As a result, the role of a modern CISO is in many ways about “adversary hunting.” More importantly, it requires defining that in a way that is meaningful to the organization – and partnering with developers to implement controls and best practices to implement it.

Partnering is the operative word because development doesn’t report to the CISO, yet in a cloud environment, it’s critical to overall security. In many ways, this is a cultural shift in the role that has caused some researchers to conclude an essential skill of high performing CISOs is to learn to lead without authority.

>>> Read the full post, including the second and third points, which discuss how the cloud is changing the skill sets a CISO needs and reporting structure here: 3 Ways Cloud Adoption is Changing the Role of the CISO.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Bricata
Bricata is a cybersecurity solutions provider that combines a powerful network threat hunting platform into a comprehensive threat detection and prevention solution to help determine the true scope and severity threats. Bricata simplifies network threat hunting by identifying hidden threats using specifically designed hunting workflows that use detailed metadata provided clearly and eases your transition from the known to unknown malicious activities in conjunction with an advanced threat detection and prevention platform which detects zero-day malware conviction.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?