Read at TechRepublic
Nick Godfrey, Senior Director and Global Head of the Office of the CISO at Google Cloud, suggests that CISOs should consider both buying security products/services and investing in modern infrastructure to effectively allocate their finite resources. He emphasizes the challenges of making legacy technology defendable with security products alone, highlighting the need for a balance in resource allocation.
One of the most important things to think about when determining how to best allocate the finite resources that any CISO has or any organization has is the balance of buying pure-play security products and security services versus thinking about the kind of underlying technology risks that the organization has.
Godfrey also discusses the importance of prioritizing spending on ransomware and data theft, but emphasizes that it is equally crucial for CISOs to focus on response and recovery capabilities. He acknowledges that these types of attacks are common, highlighting the need for organizations to be prepared to effectively respond to and recover from such incidents.
Data theft and ransomware attacks are very common