To hear U.S. Bank EVP & CISO Jason Witty tell it, there is new weather added onto "planet cybersecurity" every quarter—and the previous weather never goes away.
We spoke to Witty after his keynote at SecureWorld Twin Cities in Minneapolis (right).
Witty says in the middle of the storms InfoSec teams can face, there are three critical areas that today's CISOs and aspiring CISOs should focus on in 2018.
- Communication: Learn to speak Klingon to your team and English to everyone else.
- Team: Build a great team with continuous training and workforce development.
- Detection & Response: Plan to fail, he says, by focusing on detective controls and having a comprehensive response plan practiced and ready.
Watch SecureWorld's 2-minute interview with U.S. Bank CISO Jason Witty as he elaborates on each of these areas for CISO and security program success.
Lastly, Witty says another thing to look at more closely than ever is cyber insurance.
He spoke with Dr. Larry Ponemon at the conference (below), where they recorded a podcast before the conference got rolling.
Witty says he learned that some 40% of companies now have cyber insurance as a supplement to their security programs. That's another drastic change in the infosec landscape from just a few years ago.