Are Virtual CISOs the answer to your security problems?

Virtual CISOs can be an invaluable resource for companies with limited resources. But are they a short-term fix to a long-term problem?

virtual executive
Thinkstock

Chief Information Security Officers are a relatively rare breed. Information security is, after all, a relatively recent addition or subset to IT, and while most large organizations now do profess to having a CISO, CSO or head of information security, many still don’t. Indeed, it’s often the case that a company appoints its first CISO in the aftermath of a data breach - like Target did in 2014 or Sony in 2011.

However, landing yourself a CISO, and a good one at that, isn’t straightforward.

It’s well documented that the InfoSec landscape has a huge skills gap, with Cisco, training body ISC2 and other authorities putting the shortage around 1.5 to 2 million personnel, and ISACA speaking of a “missing generation” of security staff.

This shortage  - though disputed by some, including the Department of Homeland Security, is most keenly felt with network analysts and - increasingly - data scientists, but it also impacts firms at CISO level too.

To continue reading this article register now

Discover what your peers are reading. Sign up for our FREE email newsletters today!