(US and Canada) Sabrina Donley, Senior Key Account Manager and Founding Team Member at CybrCastle, speaks with Robert Lutton, VP, Sandhill Consultants and CDO Magazine Editorial Board Vice Chair, in a video interview discussing how mid-size companies should build their security programs and mature their cybersecurity.
Donley comes from a risk management and strategy background and has been helping organizations achieve better cybersecurity and acceptable risk via CybrCastle. When asked how mid-size companies should build their security program, she mentions the following skill gaps that need to be filled:
- The risk manager — for understanding the budget, getting the most value for the cybersecurity investment, and preventing cyber tax.
- Executive teams and the board’s understanding of cybersecurity.
- The security manager — for finding the people and the tools, and managing change across the organization.
- The security analyst — someone who does the implementation.
Next, Donley speaks about the risk of needing more skills. She mentions the case of a manufacturing company that realized if cybercriminals got into the system, they could get admin access quite quickly. Similarly, the leadership team of another company that needed to recognize the need for specific cybersecurity expertise ended up getting overwhelmed by the security scenario.
Donley further suggests organizations maturing their cybersecurity program opt for a Fractional CISO as it can cost less than hiring a full-time professional.
CDO Magazine appreciates Sabrina Donley for sharing her insights and data success stories with our global community.