Security Incident Response

If you think you have or know you have a Security Incident please fill in the form and our experienced Onevinn CSIRT team will reach out shortly.
 
The team has long experience in supporting customers in Incident Response and Compromised Recovery.
 
Keep calm and we will be with you shortly!

Henrik Parkkinen 13 May 2022
3 min

A day at work as a CISO - Part 1

”Cat: Where are you going?
Alice: Which way should I go?
Cat: That depends on where you are going.
Alice: I don’t know.
Cat: Then it doesn’t matter which way you go.”

The quote is from Alice in Wonderland. And the role as a CISO is in many ways starting out from this perspective. To find “the way” that the organization you, as a CISO, is helping. Read my words —> ”Helping + organisation.”. You are there to find out where the organization currently is and to set the trail and lead the way forward towards a destination, i.e. a formulated vision and goal for where your organization is heading. And this is an ongoing journey, it will be iterative and need to be conducted in a continuum.

Helping the organisation navigate Information Security

This is not a single way trip with only a departure. This in a beautiful adventure filled with wonderful places that you and your team will come across and many interesting side quests may take place along the road. And there will be rabbit holes, endless and pitch black, which may pop up from nowhere. For example, security breaches, incidents and so forth. These might not always be so joyful, but they are a part of the job. And the best thing is, you do not need to jump down into these rabbit holes alone. The role as a CISO is a leadership role. The accomplishments and rabbit holes are, in most of the cases, managed as a team effort. But as in every team there needs to be a captain. Someone leading the team. This is your role. As a CISO. Engage as a captain. And with the mindset and attitude to enable other around you to grow along side with you in the journey you are on together.
AdobeStock_114644268 (1)

Security Maturity and Regulatory Requirements

But the role as such is not something that always looks generically the same in every organization. Don’t get me wrong on this one, but the responsibility may be the aspect, which is more or less generic, but the day-to-day work will vary. Trust me, I have seen quite a while of different organizations and been taking on the role as well. And this is because it mostly depends on an organization's current security posture, i.e. where an organization is in their own security journey. But also, which industry is the organization operating within? And what types of regulatory requirements need to be aligned towards. What types of threats is targeted towards the organization? A classic one liner, there are no silver bullets.

But there are better and less good (read bad ways) for how to take care of the security stuff. Keep in mind though, they every organization need to have general security controls and measures implemented, this includes for example robust configuration management, asset inventory, endpoint protection, perimeter protection, malware protection, recovery capabilities. But, as I personally see it, these types of security controls are and should be seen as something comparable to “good hygiene” when it comes to information, IT and cyber security. And every organization should have, but this is not always the case, a stringent risk management methodology coupled with threat and vulnerability management. I think that in I matter of time, maybe a couple of years, these disciplines and skills will become seen as security hygiene. In some cases, due to regulatory requirements, threat and vulnerability management are determined as security hygiene factors but. But in general terms and perspective many organizations still lack the capabilities to adequately detect and respond to modern cyber security attacks and threats.

AdobeStock_212177674 (1)

As a CISO you are the person who are leading the pack, in the front and looking into the unknown. You may not always have the answers on your own and of this reason it is of high importance to have a strong team in your corner. Being able to communication, both verbally and visually, is a key capability that will contribute to strong business relationships both internally and externally to your organization. And as a leader, in my opinion and based on the principles of my leadership philosophies, you are the product of strength gathers from the relationships you have. If you have a strong team around you who trusts you and are willing to take a part of the journey you and the organization YOU as a CISO help, you are in a fairly good place. As a CISO you are the composition of strengths shared and accumulated within organization, business landscape, internal IT team, external specialists, suppliers, and partners.

You are a leader. You are there to enable others to grow and develop to into leaders within the context of security and the organization you help. Enable and establish security awareness within the organization. Foster a secure culture. Empower the employees within the context of cyber security. You are there, as a CISO, to HELP the organization you are a part of and to lead them in their journey to become more protected and secure. More resilient. In part 2 we will dive deeper into the role as a CISO. Stay safe. Stay protected. Contemplate and trust in security. Together.