How CISOs can meet the demands of new privacy regulations

On the list of high-priority concerns for chief information security officers (CISOs) these days, privacy is occupying an increasingly prominent position.

Privacy has always been important for businesses and other organizations handling sensitive customer and stakeholder information, but recent changes in privacy regulations are putting greater responsibility on CISOs, who are required to perform thorough risk assessments while making the results available on demand. Failure to conduct assessments or correct deficiencies can incur significant fines and, in some cases, even jail time.

CISOs need to take a proactive approach to meeting the challenge, particularly by performing rapid data security assessments to identify vulnerabilities and high-priority risks—including those involving third parties—and implement mitigations to protect data, the organization and its customers.

State regulators want risk assessments—now

A number of states have recently upped the ante for CISOs, requiring detailed risk assessments that must be produced ...