The CISO is often in a position where vulnerabilities are known and implementing a solution may result in an insecure posture. Should the CISO say ‘no we can’t do that’ or ‘figure out how to make it happen’?
Dan Lohrmann, Chief Security Officer and Chief Strategist at Security Mentor, discusses how as a CISO he faced a dilemma where he was asked by the business to implement a technology despite having stacks of research indicating that the technology was insecure - check it out...