Why Many CISOs Got Caught by the COVID-19 Pandemic


At a high level, the IT industry may have been caught with its pants down a bit in the current COVID-19 pandemic. Not because there aren’t a lot of smart chief information security officers (CISOs) out there doing smart things, but rather in our/their ability to quickly adapt to an unprecedented scenario—and perform under an attack on personal safety.

We have always been afraid of a breach, but being able to support a remote workforce—essentially overnight—under the guise of protecting lives brought a whole new pressure to the role. Then, as we caught our breath, we had to adapt to a changing threat landscape.

Controls that we thought were effective were not. We realized that we didn’t put as much effort in validating third-party services as we should have (Zoom, for one widespread example). And we’re being asked to forward think and define a security fabric that protects the security and privacy of the “new normal” workforce. Some thought leaders have said for years that the CISO gig is not for...

Get the Morning Update

Thanks for subscribing!