The role and responsibilities of the CISO as explained by Ivanti ME Sales Director

Samer Hani on panel of CISO 50 Forum & Awards 2022

a group of men on stage with a projected backdrop
Samer Hani makes a point during the panel discussion at CISO 50. Photo credit - Tahawultech.com

Samer Hani, Ivanti Regional Sales Director, Middle East, was on the panel of the CISO 50 Forum and Awards 2022 in a session discussing ‘Planning for an Effective Cybersecurity Roadmap.’ Ivanti ME was a Gold Sponsor of the event which took place on September 20, hosted at the Taj Exotica Resort and Spa, The Palm, Dubai.

The Forum and Awards celebrate the efforts of innovative and forward-thinking security leaders and frontrunners who have delivered real-world results for driving security transformation. According to the CISO 50 website, the typical Chief Information Security Officer oversees four key security pillars including security architecture and engineering, operations, cyber resilience, and regulatory and IT compliance.

Samer Hani on the key responsibilities of the CISO

“Nowadays, the role of CISO is not only to protect the data, but also to protect the entire business. The main purpose of the CISO is to enable and enforce a new culture with a new thinking and understanding of cybersecurity. One of the major concerns is to protect the company’s assets and information. This can be achieved by creating a daily engagement from the CISO with all the heads of departments in order to ensure business continuity.”

“In addition, the safety of an organization underlies in understanding the regulations and applying major frameworks. Hence, it is essential that organizations implement solutions such as CSI security controls, COBIT, NIST, PCI DSS, GDPR and many more…”

“The future of IT and running businesses depends on setting out a major transformation by the CISO, specifically in the cloud. It is essential for an organization to start by asking questions, such as:

  • How many IPs are connected to my network at this stage?
  • How many non-compliant machines and softwares are there?
  • Which vulnerability should be prioritized and remediated first, according to its impact on the business?
  • What is the organizational Risk, Tolerance & Assurance strategy?”

 

 

 

Recent Articles
Previous:
Next: