C-level executives, including CIOs, CTOs and CISOs, must learn ‘to play together in the cyber security sandpit’, according to technology professionals at the ITWeb Security Summit Johannesburg.
Dr Machiniba Sylvia Sathekge, partner and CIO, SNG Grant Thornton, introduced a panel discussion focused on how to achieve collaboration at executive level in organisations.
Sathekge said cyber security and resilience is about teamwork.
“Cyber security is a team sport, and the question is how to align business leaders with security needs, architecture and infrastructure. We need to make sure we prioritise security without impacting innovation.”
Megaree Naraidoo, group CIO & CISO, Safety SA, added that there can be no strategic alignment in cyber security without fully understanding the business strategy.
Conrad Roos, head of GRC, TFG (The Foschini Group) said there is a growing need for continuous awareness and education about the basics of cyber security and how to enhance cyber security postures.
Sathekge pointed out that in the event of a security breach, organisations tend to place the responsibility on one individual.
“But cyber security is everyone’s responsibility,” said Naraidoo.
Panelists agreed that an effective cybersecurity strategy and posture requires everyone to play their specific role.
“CTOs and CIOs play crucial roles in helping to protect the organisation, and they have to also support the CISO,” said Sathekge.
Nelesh Baichan, cyber security manager at Tiger Brands, stressed the need to use structured platforms for open dialogue and to share resources. “There’s no way we can work in silos, we must foster relationships.”
The consensus was that business leaders need to cooperate, collaborate and co-create. The mindset should be to continuously monitor, drive awareness, and learn from incidents to mitigate risk as soon as possible.
A key takeaway from the session is that all stakeholders have a role to play within the cybersecurity ecosystem. There is a need to proactively respond to incidents and to have a cohesive strategy that includes cyber resilience policies and procedures, appropriate tools, a cyber crisis programme, and basics such as multifactor authentication, software patching, and simulation testing.