Bridging the Security and Business GapSwire Coca-Cola's Ihensekhein on Working Closely With Various Stakeholders
While CISOs need to show the security road map to the businesses, they also cannot act as a showstopper for them. Rather than understanding only the technical nuances of a company, a CISO must invest time to understand the function of each stakeholder, said Silvia Lam Ihensekhein, director of information security and risk management at Swire Coca-Cola.
"I really encourage cybersecurity professionals to not just sit on their cubicle looking at security and controls," Ihensekhein said. "One needs to go outside to understand the business."
"I will visit the various Coca-Cola plants to understand their operations, or I pair up with the sales team to understand their strategy," she said. "By doing this, you will have operational experience. So, when you speak to executive stakeholders, they don't see you as an outsider."
In this video interview with Information Security Media Group, Ihensekhein also discussed:
- How CISOs can collaborate with businesses;
- Reporting to the CEO vs. the CIO;
- How CIOs and CISOs can work together.
Ihensekhein believes in balancing organizational objectives and implementing continuous improvement initiatives to rapidly reduce cyber risk and adopt new technologies.