“Firing the CISO might appear to be an essential reset for CIOs or boards, but it’s not always a strategic move. If the incident response plan was adopted, the detection tools worked, and recovery was within SLAs, then replacing the CISO typically sends the wrong message internally,” Avakian maintains. “It shows that the security role is more about optics than substance. But if basic hygiene was neglected — such as with no segmentation, no backups, no tabletop exercises — then change might be justified.”
Frank Dickson, group VP for security at IDC, agrees with Avakian’s assessment, but adds that some CISOs leave of their own volition after a ransomware attack, leading to higher replacement numbers.
“Addressing a ransomware event is extremely taxing. A security person may choose to leave because of burnout or be asked to leave because of conflict that results from the remediation process rather than the attack itself,” Dickson says.



