Risk in an organization

REAL WORLD EXAMPLE

We asked Simone Petrella, Chief Cyberstrategy Officer at CyberVista, to share an example of a company taking security education seriously. One organization approached CyberVista, she says, when they were in the “initial phases of creating and building their security strategy, including the hiring of a chief information security officer,” which was a position that didn’t exist in that company up until that point. “The board and executive team wanted to ensure they fully understood the cyber risks in their business so that they had a baseline by which to measure progress as they stood up a program and strategy,” Petrella says. This example stands out to her because she says it’s rare for a company to take that degree of an in-depth approach when developing a security strategy, and also because “it allowed them greater insight into the skills and qualifications they needed to hire a competent and business-minded CISO to execute that strategy.”