Cybersecurity professionals must work diligently to help business leaders understand that their work is more than just technology implementation, says Greg Touhill, the federal government’s first Chief Information Security Officer. It’s risk management.
“I keep on hearing executives talk about cybersecurity being a technology problem, and they keep pouring money into buying new stuff,” rather than focusing on risk management, Touhill said in a speech to a gathering of cybersecurity pros this week in Washington DC. Instead of buying the hottest new cybersecurity tools, companies should focus on remaining current and understanding the true value of their data.
Touhill made the remarks November 29 during a presentation to attendees of the INSecurity conference, a cybersecurity gathering sponsored by industry publication Dark Reading, which reported on his speech.