Maintaining Momentum in Your Security Strategy
Glen Hymers of UK Cabinet Office on Keeping Communication Relevant
Cybersecurity practitioners have gained the attention of corporate boards, but that initial attention must be converted into momentum, says Glen Hymers, head of data privacy and compliance at the U.K. Cabinet Office. A recent survey by the World Economic Forum finds that cybersecurity is often not seen as a business priority.
Hymers advises cybersecurity risk executives to discuss risk in the context of what competitors and peers have achieved. He credits "constant communication" with the board as a way to maintain momentum. "It's all about finding the implications and defining it for the organization, defining what the business looks like and what's the impact if this happens," he says.
He also recommends that cybersecurity risk executives who don't have direct board representation get "an individual to sponsor your interactions with the board … so they can present your case back to the board in a passionate and confident manner."
In a video interview with Information Security Media Group, Hymers discusses:
- Techniques to get the executive level invested in cyber risk management;
- How to maintain the momentum in that strategy;
- How rising supply chain attacks and geopolitical tensions have changed expectations of board members.
Hymers has a background in policing and security; he joined the RAF Police in 1998 and worked in the Counter Intelligence Unit. After leaving the RAF in 2012, he joined Fujitsu Defense and National Security as head of operational security and risk management before moving to Sopra Steria as head of operational security for government accounts. In 2016, he took on the role of chief security officer at The Prince's Trust and was appointed as the DPO in 2017. Most recently, he served as global CISO and head of data protection at Save the Children International.