In a perfect world, CISO’s would feel equipped with security resources and tools to combat against any threat. While we know this world will never exist, it’s imperative CISO’s strategize a necessary infrastructure to arm and defend their critical systems. Maintaining the security of these systems comes at a cost. In this report, we discuss the reality in which a CISO does not have direct control over every potential risk, however, researchers highlight the responsibility of assessing these risks that often emerge.

(Charles Kolodgy, Security Current)