Enabling Boards to Measure Cybersecurity Effectiveness
Rapid7’s Jason Hart on How to Make Cybersecurity Part of the Business Process
Operationalizing cybersecurity comes down to making it part of the business process. That includes understanding the appropriate business requirements, ensuring they are aligned to the technology to mitigate risks and threats, and minimizing the impact on the organization, said Jason Hart, chief technology officer for EMEA at Rapid7.
For cybersecurity to be really effective, everyone in the organization must be responsible for security. Goals and objectives must be clearly spelled out, including lines of accountability and ownership. Hart described this as a cyber target operating model.
In this video interview with Information Security Media Group at Infosecurity Europe 2023, Hart discussed:
- Creating a product-and-loss view of cybersecurity and risk;
- Translating the technology of cybersecurity into business language and reporting KPIs to the board;
- Reducing operational cost and risk, rather than continuing to add resources to cybersecurity.
Hart is the founder and visionary behind various leading security solutions and products, including the cloud-based authentication service. He combines technical, business and commercial skills with the ability and knowledge to start new businesses, maximize resources, execute strategic plans, and build or transform teams to drive innovative and disruptive offerings at a global scale.