As a result of high-profile breaches, emerging malware threats and heightened regulatory scrutiny, CISOs at financial institutions are under more pressure than ever to develop innovative strategies for enhancing cybersecurity.
And the evolving role of the CISO will be a hot topic at RSA Conference 2016, Feb. 29 through March 4 in San Francisco.
"What is needed is a separate risk voice, a separate security voice."
Cybersecurity attorney Chris Pierson, who serves as chief security officer for invoicing and payments provider Viewpost, will explore this topic with co-presenter Terry Ragsdale, CFO at financing services firm LSQ Funding Group, on March 1 during a 3:30 p.m. session: Partnerships with a CFO: On the Front Line of Cybersecurity.
Pierson and Ragsdale will discuss why partnerships between CISOs and CFOs make sense, and why CISOs need to break themselves free of the budgetary constraints placed upon them by CIOs. It should be a lively discussion.
"What is needed is a separate risk voice, a separate security voice," Pierson told me during a recent interview. "There will be increased collaboration with the chief financial officer and the other financial folks at the company. What you'll have are ... lawyers, technology professionals, security professionals and finance professionals all at the same table and on equal footing with equal budget to support the needs that they have."
This year's RSA Conference has many other sessions aimed at exploring the CISO's evolving role, including:
- From Cave Man to Business Man, the Evolution of the CISO to CIRO (Feb. 29, 3 p.m.): Third-party risk expert James Christiansen of cybersecurity firm Optiv will review how successful IT security leaders are using their skills to effectively communicate cybersecurity risks to the board and executive team to ensure greater cybersecurity budgetary success;
- CISO Success Strategies: On Becoming a Security Business Leader (March 2, 9:10 a.m.): SANS Institute CISO Frank Kim will walk us through why cybersecurity is a vital component of business growth;
- Habits of an Effective CISO (March 3, 8 a.m.): During this panel discussion, four CISOs, Ben Rothke, Jack Jones, Phil Agcaoili and Roland Cloutier, will review key steps that help them manage new cybersecurity and management responsibilities.
In addition to CISO-focused sessions, other sessions of particular interest to the financial community include:
- Integrating Retail Cybersecurity, Loss Prevention, Risk, Fraud and Privacy (March 2, 2:10 p.m.): Nordstrom cybersecurity director Steve Winterfield will discuss why cybersecurity is more effective and efficient when it's a team effort;
- Cyber-Insurance as an Integral Part of Your Cyber Risk Management Strategy (March 1, 1:10 p.m.): RSA's Timothy Shea will review why cyber insurance is a necessity for any risk management program;
- The Dark Web and Cyber Espionage: Fact, Fiction and Future (March 2, 9:10 a.m.): Two threat researchers will offer a look at cyber espionage trends.
Be sure to frequently check our RSA Conference 2016 news site for the latest video interviews, podcasts, blogs and news items from the biggest information security event of the year.