14 lessons CISOs learned in 2022

December 12, 2022 – Published on CSO Online

We’re about to finish yet another erratic year, in which Elon Musk bought Twitter, Russia invaded Ukraine, and many workers returned to their offices. We also saw, for the first time, a security chief sentenced to prison for concealing a data breach.

These events and many more have changed the business landscape and forced CISOs to steer a course through uncertain waters. CSO spoke with multiple CSOs, including GuidePoint Security’s Gary Brickhouse, who spoke about employee training and cyber insurance.

A critical piece of any organization’s defense strategy should be employee awareness and training because “employees continue to be targeted in threat actor strategies through phishing and other social engineering means,” says Gary Brickhouse, CISO at GuidePoint Security.

In recent years, cyber liability insurance has become a necessity, but premiums have increased. Also, organizations face more scrutiny from insurers to identify areas of risk. “This process is much more rigorous than in the past, increasing the timeline and effort to obtain cyber liability insurance,” says Brickhouse. “Organizations should treat this process almost like an audit – preparing in advance, having their security programs and controls well documented and ready to be validated.”
