- Cyber attacks remain a persistent and potentially costly threat to the successful operations of companies and government organizations
- While small to medium-sized businesses (“SMBs”) may be unable to manage the costs of hiring full-time cybersecurity experts, an emerging trend is supplying virtual chief information security officer (“vCISO”) services on a contract basis
- SideChannel Inc. provides vCISO consultancy and proprietary software for microsegmentation needs, drawing on years of experience in the cybersecurity arena
- SideChannel CEO Brian Haugli recently addressed important elements of vCISO client relations on the Cyber for Hire podcast, including expertise, geographical accessibility, and financially sound controls-based strategies
Cybersecurity experts in a wide variety of organizations have already issued lists of the top threats they anticipate for 2023, acknowledging the persistence and state of flux of cyber attacks worldwide.
In particular, ransomware attacks lead to companies effectively being held hostage by cyber criminals demanding a reward before they will cease their attacks on the company and allow it to resume full use of its operational platform. The Des Moines Public School district, one of the most recent school districts to be targeted by such an attack, found itself compelled to cancel classes this month while the problem was addressed by IT staff, and announced that the school year in Iowa’s largest district will be extended into June to make up for lost class time (https://ibn.fm/YVExy).
The U.S. Bureau of Labor Statistics expects the demand for cybersecurity workers to remain high with significant earnings through 2031 (https://ibn.fm/Wht8x), despite nearly 175,000 layoffs reported among the larger tech worker sector during the past year (https://ibn.fm/JHgaZ).
The outsourcing of cybersecurity needs to virtual chief information security officer (“vCISO”) services is an emerging trend that provides affordable security staffing on a contract basis to those SMB companies that might find their budgets too small to employ an in-house cyber expert while recognizing the importance of having a security strategy in place.
Cybersecurity services and technology provider SideChannel (OTCQB: SDCH) draws on years of experience in the sector to provide especially effective vCISO solutions to its clients, and CEO Brian Haugli recently discussed the decisions that go into a successful working relationship between vCISOs and clients in an interview with the Cyber for Hire podcast.
“Our clients usually come to us — CFOs, CEOs, CTOs — and they basically say, ‘I don’t know what I need to do around cybersecurity, I just know I need to do the right thing. I need a risk management capability. I know I need it, but I don’t know how to get there,’” Haugli told the podcasters (https://ibn.fm/2IPtm). “And it’s almost like they’re asking me, ‘Tell me the right questions I should be asking you, and then I’ll be able to better figure out if you’re the one I want to work with based on how you led me through that journey.’”
During the course of the 40-minute podcast, Haugli addressed the importance of ensuring vCISOs are expert enough to understand the cultural needs of the client (can a healthcare tech expert flexibly adapt to the security needs of a manufacturing client, for example), working within a reasonable geographic region (does an East Coast cybersecurity expert really expect to be fully available on a West Coast client’s schedule?) and recognizing how to establish a strategic vision for the client in a budget-conscious manner.
Although some companies may want to place an emphasis on tracking their return on investment (“ROI”) from cybersecurity, as Forbes recently opined (https://ibn.fm/nFovi), Haugli rejected the idea of using ROI as a basis for the financial policy underlying cybersecurity strategy.
“But, we are very much involved in, and should be involved in, setting the budget, whether it’s working with the CIO or the CTO or whomever it is,” Haugli said. “That should be objectively created based on gaps that you have identified in your current state on your path to your target state.”
As an example, Haugli cited a scenario in which a company is trying to meet cybersecurity industry standards established by the National Institute of Standards and Technology Cybersecurity Framework, in which 108 potential security controls for the client’s operation are identified but only 99 are actually applicable to the client, and the client is already doing 89 of them.
“Which means we have 10 to do. This is like simple math,” Haugli said. “I have to meet (with the client) and figure out how to address those 10 gaps. OK. Now I know where my direction should be on what to go purchase, what should I go fund. Based on control objectives. … Having a control-based kind of approach allows you to actually have that conversation with the CFO where they can go, ‘OK the thing you’re going to buy that you need $100,000 (for) is going to do eight of the 10 controls that we have gaps on. I get that, that makes sense.’”
For more information, visit the company’s website at www.SideChannel.com.
NOTE TO INVESTORS: The latest news and updates relating to SDCH are available in the company’s newsroom at https://ibn.fm/SDCH
About QualityStocks
QualityStocks is committed to connecting subscribers with companies that have huge potential to succeed in the short and long-term future. It is part of our mission statement to help the investment community discover emerging companies that offer excellent growth potential. We offer several ways for investors to learn more about investing in these companies as well as find and evaluate them.
QualityStocks (QS)
Scottsdale, Arizona
www.qualitystocks.com
480.374.1336 Office
Editor@QualityStocks.com
Please see full terms of use and disclaimers on the QualityStocks website applicable to all content provided by QS, wherever published or re-republished: http://www.qualitystocks.net/disclaimer.php
No comments:
Post a Comment