Intelligent CISO Issue 1 - Page 43

E R T N P X E INIO OP stopped doing their own assessments/ testing. That saved time not only for that team, but also for the IT teams that had to provide that information. Measures must be taken to ensure that the data being used is of the highest quality so that the discussion can move on from the quality of data to the risks that need to be addressed. Automation of the processes A key contributing factor to why we have not solved the basics of security is that we have plenty of tools to automate the generation of data but few, if any, tools to automate the rest of the process: the collection and unification, the prioritisation, the driving of remediation and the ability to automatically track that statu ˂\HY[H\^HY\™[\\HX\YY[H\X[[KH[]X[H\Yۈ[]X[X[KH[Y[HH\X\]Bܚ[Y[H\ۈ[[B]H܈H\X[\X\]H\XK^K\[H[\X[]Y\ˈ^H[Y]BHX\HHޙ[\\[[][\YX[H]H]\˜\]H[X\]K]ݙYYX[[\]Z\Y]\[]\]˜[]X[YH]X\XB\[ˈ[]YH[XY]˚[[Y[\˘B\YH Bۙ\\]H[][\ܝ܂\[^X]]H\ܝ[˂\X[X[\XݙYB[\XH܈YH[^HX[HY\\][۝KHH[YHHYۙB[۝\]Y ]\]H\ۈH^ \HYXH]]]X]K\HY[][\˜]]X][ۈ\[X\]H\X\B\ݙ\Y]\[[Y]ΈYY \HY\X]XH]]X]Y\\]\\ܜ\HZ[[X]\ܜ[ܙX]\[Y\H\]\]X[B[HY [\[Y]]HY&][]X[B[X\]H\HYXY[HZ[B]\]Y]\ܝ\[ۜˈ\H[YHXۙ[HوY[K]Y][HX[H\\[H ^H]ZXHY[\[\]H[[[X\\KH[]\H[\\[]H\H[H\Z[YX][8$[Y\\\Y\˜[\H[Y\[X\]H\Y\8$\[\^Hۈ۝[[ۙˈB[H[\\HX\YY[B\XH\XH]X[ܙH]H[YK܈]\\\\˂[H[]\܈[XYK[^X][ۈو[T[H]\KH[ []و[[\ܙ[\][ۜ\YXY[H\XB[[H\\وH\[B\HZ[\[Y˂[X]\X[Y[Y[[XYY[X\]K]]X][ۈقX[X[KZ[[]H\][ۜ[[[X\]H]H[ۙH[YYY[Y]ܚ]\\XHXZBX\[ۜ[[ݙHܝ\ [Y[H[H\ZY]][HYY B