Data loss prevention vendors tackle gen AI data risks

When CISOs work with go-to-market teams, cybersecurity transforms from a mere cost center into a valuable business function. This change is crucial in B2B interactions where robust cybersecurity controls offer a competitive advantage. A centralized inventory of cybersecurity controls, grounded in current and past contracts, helps businesses gauge the financial impact of these partnerships. This inventory also identifies unnecessary or redundant controls, offering an opportunity for cost reduction and operational streamlining. By updating this centralized list after the termination of contracts, the business can further optimize both its security posture and operational costs. This integrated strategy empowers the business to make well-informed, data-driven decisions that enhance profitability while maintaining robust security controls.

An organization that doesn’t understand or appreciate security won’t be able to adequately identify and prioritize risk, nor articulate its tolerance for those risks based on business goals and objectives, says Kayne McGladrey, director of security and IT for Pensar Development and a member of the professional association IEEE (The Institute of Electrical and Electronics Engineers).

“The CIO won’t see the business impact if there’s not a culture of risk mitigation,” McGladrey says. “A culture where security is seen as someone else’s problem will derail any conversation around security, so the biggest thing for CISOs is to make the conversation with CIOs around risk – not around technologies or shiny objects but around risks to the business.”

Incident responses and recovery plans should be updated biannually. Kayne McGladrey, CISSP and cybersecurity strategist for Ascent Solutions said, “Effective incident response plans must cover preparation, detection and analysis, containment, eradication and recovery, and post-incident activity.”