CIO and CISO collaboration for a shared vision that enables a cyber-resilient future
Abstract
This paper provides an alternative perspective on how to manage cyber resiliency within an organisation, utilising common customer relationship management principles and techniques. Arguably two of the most important principles would be to ‘listen and understand’ one’s customer (‘understand all stakeholders within a process’, ‘understand the implementation cycles’, ‘understand the business challenges’, ‘understand the true requirements and outcomes a customer hopes to achieve’, ‘understand importance of requirements in relation to existing priorities’, ‘understand the strategy’, and many more examples). Organisations utilise sales management processes to drive profits, and CISOs could benefit from following similar processes or utilising common metrics to achieve the same success with information technology and, more importantly, security operational outcomes. This does require a degree of cultural open-mindedness and does not take away from the knowledge, training, experience and understanding required as a cyber security professional. Rather, it focuses on reigniting the passion for the job while navigating the many challenges cyber security professionals face today.
The full article is available to subscribers to the journal.
Author's Biography
Nastassja Van Den Heever has a proven track record of successful and measurable delivery, not only in her current role but across all the roles she has held. She has spent the last 13 years dedicated to the speciality of cyber security. She began her career as a sales professional, progressing into her current role as Chief Information Security Officer (CISO). Her efforts were focused on gaining knowledge and understanding of the impacts and challenges CISOs face today and how those impacts affect achieving success in cyber resiliency. This enabled her to attain valuable mentorships and experience not only in sales but in information technology architecture, solution design, incident management, project management, and lastly, business and cultural transformation management, across multiple sectors and industries globally. This experience ultimately allowed her to transition from a sales directorship role into the CISO role (for the last four years) at one of the five major banks in South Africa. Nastassja holds qualifications not only in sales and leadership, but also holds the Certified Information Systems and Security Professional (CISSP) as well as Certified Information Security Management Professional (CISMP) qualifications. Her passion has allowed her to become an expert connector of diverse parts of an organisation, with her famous slogan ‘We save lives’ closely following every engagement.