Events , Finance & Banking , Governance & Risk Management
Don't Silo Cyber Risk to CISOs, Says Former Financial CISO
Google's Alicja Cade Says 'Cyber' Isn't Just for CISOsTossing the word "cyber" onto something doesn't automatically mean it should belong to the chief information security officer. Cyber risk belongs to everyone in an organization - the users and the business divisions that make decisions about what kind of risks are acceptable. Chief information and technology officers also own it.
"Those parts of the organizations are often the risk owners, it's not the CISO," said Alicja Cade, director, financial services, Office of the CISO, Google Cloud. /p>
Cade's message to organizations is that CISOs should be collaborating across business units. Hand in hand with that is a belief that technology is only a slice of the CISO job description. "The huge part of the pie is people. People and culture."
See Also: OnDemand | CISO Leadership Blueprint to Managing Budgets, Third-Party Risks & Breaches
In this video interview with Information Security Media Group at RSA Conference 2024, Cade also discussed:/p>
- How the Office of the CISO advises companies;
- Why digital transformations often fail;
- Why frontline, risk and compliance and audit teams need to work together.
Alicja Cade has been director of financial service in the Google Office of the CISO since April 2022. She previously spent nearly two years as Americas CISO and head of data confidentiality operations at UBS and nearly six years at Credit Suisse as a CISO.