TAG Quarterly Spot-Checks the State of Cybersecurity

Available for Free Download
TAG Quarterly Q2 2024 Cover

What is the state of cybersecurity today? That was the question TAG Cybersecurity asked five of its writers to answer in its latest online Quarterly, available for free download. Some of the articles they wrote addressed the challenges for chief information security officers (CISOs), while others talked about the demands on corporate officers and directors. One discussed the befuddlement of ordinary citizens. 

TAG CEO Edward Amoroso wrote a “Top 10 List” based on what he said enterprise and government customers are telling him. No. 10 “makes us crazy,” he wrote. It said: “Cybersecurity vendors need to do a better job securing themselves.”  No. 1? “AI usage is breaking out like wildfires, and CISOs need to find guardrails.” 

David Neuman wrote an essay in which he talked about the “pressing need for cybersecurity to evolve in purpose from a defensive, technical posture to a proactive strategy that aligns with and propels business objectives.” In other words, a company’s cyber leaders must become its business leaders.

Another writer decided it was impossible to generalize about officers and directors, company employees, and average citizens. So Joanna Buckey addressed one group at a time. About the first group, she noted, “On the surface, the analogies between maintaining a fleet of company cars and maintaining a fleet of firewalls—software upgrades are like oil changes!—are obvious to practitioners but not obvious at all to business experts, who generally comprise the majority of board and C-level roles.”

David Hechler focused his article on people with no expertise on this subject. “For the vast majority of us,” he wrote, “cybersecurity is the invisible crime. We don’t see it happening. No pictures appear on front pages of newspapers to show the world the latest big hack. It’s almost as if the danger is beyond perception—like Covid-19.”

A fifth article suggested that CISOs too often get caught up in managing their programs rather than leading them. "A CISO should not be fighting fires with a hose," said author Al Palimenio. The position is more akin to a fire chief who sets policy, hires talent, trains recruits, and builds a supportive culture. “The strength that results from successful leadership will help reduce the pressures of managing,” he concluded.

Source: TAG Infosphere, Inc.