Events , Governance & Risk Management , Infosecurity Europe 2023

Aligning Cybersecurity Controls With Business Risk Appetite

Matt Gordon-Smith on Corporate, Operational Approaches and Building Diverse Teams
Matt Gordon-Smith, former CISO, Gatwick Airport

When aligning and implementing controls with business risk and the organization's risk appetite, the corporate side is concerned with confidentiality of data while the operational side cares about availability. Different approaches are needed to get the right outcome, said Matt Gordon-Smith, former CISO at Gatwick Airport.

Enabling different approaches is also one of the reasons why it's important to ensure diverse teams. Leaders need to look at the aptitudes and attitudes of the people they are bringing in and determine whether they can bring skills from elsewhere into the business and apply them to information security.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

In this video interview with Information Security Media Group, Gordon-Smith discussed:

  • Improving business decisions with better risk information;
  • How to write job descriptions that can help widen the organization's skill sets;
  • How to find security talent outside of the existing information security community.

Smith, who led security at Gatwick Airport, is an adviser to EasyJet. He has more than 20 years of experience across multiple disciplines and business sectors for several global organizations, balancing technical knowledge and expertise with stakeholder engagement.


About the Author

Tony Morbin

Tony Morbin

Executive News Editor, EU

Morbin is a veteran cybersecurity and tech journalist, editor, publisher and presenter working exclusively in cybersecurity for the past decade – at ISMG, SC Magazine and IT Sec Guru. He previously covered computing, finance, risk, electronic payments, telecoms, broadband and computing, including at the Financial Times. Morbin spent seven years as an editor in the Middle East and worked on ventures covering Hong Kong and Ukraine.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.