Intelligent CIO LATAM Issue 25 | Page 24

TRENDING
management life cycle. By 2027, 50% of large enterprise chief information security officers (CISOs) will have adopted human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption.
“Traditional security awareness programs have failed to reduce unsecure employee behavior,” said Addiscott. “CISOs must review past cybersecurity incidents to identify major sources of cybersecurity-induced friction and determine where they can ease the burden for employees through more human-centric controls or retire controls that add friction without meaningfully reducing risk.”
SRM leaders must encourage active board participation and engagement in cybersecurity decision making.
Enhancing people management for security program sustainability
Traditionally, cybersecurity leaders have focused on improving technology and processes that support their programs, with little focus on the people that create these changes. CISOs who take a human-centric talent management approach to attract and retain talent have seen improvements in their functional and technical maturity. By 2026, Gartner predicts that 60% of organizations will shift from external hiring to “quiet hiring” from internal talent markets to address systemic cybersecurity and recruitment challenges.
Transforming the cybersecurity operating model to support value creation
Technology is moving from central IT functions to lines of business, corporate functions, fusion teams and individual employees. A Gartner survey found that 41% of employees perform some kind of technology work, a trend that is expected to continue growing over the next five years.
Threat exposure management
The attack surface of modern enterprises is complex and creates fatigue. CISOs must evolve their assessment practices to understand their exposure to threats by implementing continuous threat exposure management (CTEM) programs. Gartner predicts that by 2026 organizations prioritizing their security investments based on a CTEM program will suffer two-thirds fewer breaches.
“CISOs must continually refine their threat assessment practices to keep up with their organization’s evolving work practices, using a CTEM approach to evaluate more than just technology vulnerabilities,” said Addiscott.