7 top cybersecurity projects for 2025

4. Strengthen compliance with an integrated risk management strategy

CISOs are most vulnerable to being cited for non-compliance, so they will play an important role in implementing compliance programs, says Michael Fanning, CISO at Splunk, which specializes in intelligence software. “In this case, they can take a more natural approach, such as limiting where the company’s data is stored.” Yet CISOs shouldn’t try to manage this project alone, he cautions. “CISOs and CIOs need the help of general counsel to support policy and program strategies and set organizational priorities.”

“Together, CISOs, CIOs, and general counsel will not only develop a unified risk management strategy and collaborate on policy, they will build cross-functional teams to monitor regulatory shifts, assess impacts, and make necessary changes across the organization,” Fanning predicts. “They will also need to work closely with investment strategies, infrastructure decisions, and vendor selection to stay compliant with where certain data may reside,” he says. “This successful partnership will develop shared dashboards and reporting tools, which will help everyone stay up-to-date on compliance and respond quickly to new regulatory issues.”

5. Establish asset visibility and robust cloud management

As has been the case for the past few years, the main challenge for CISOs has been achieving complete asset visibility and effective cloud management, said Jim Broome, CTO at cybersecurity services company DirectDefense.


Source link