“CISOs must prioritize moving from an operational state to a cyber security state by gaining a clear understanding of all aspects of cyber exposure management: asset detection and management, early threat detection, vulnerability discovery, prioritization and remediation,” Simpson said.
“This will not only enable continued compliance with DORA’s forward-looking directives, but will also empower security teams to protect the entire attack surface and manage their organization’s cyber risk exposure in real-time to strengthen overall cyber security against existing and emerging threats.”
Compliance does not equal security, as the old saying goes, but DORA and GDPR compliance will, as Simpson points out, “strategically empower security teams,” and isn’t that the desired outcome for all CISOs?