Print in the Channel - issue #28

KYOCERA

No CISO? No problem

Andrew Smith, Kyocera’s CISO, explains how businesses can secure themselves against external threats and keep their digital assets and data safe

Chief informational security officers (CISOs) have been a staple of C-suite management teams in recent years, with cyber threats and cyber-readiness becoming a dominant theme for many businesses. In a market where cost is critical, some businesses – especially start-ups – decide there is no option but to remove or avoid hiring a CISO, but that doesn’t negate potential cyber-risks that can threaten any business. If a business is going to forgo a dedicated team member for cybersecurity, a business can still be prepared against digital threats. “To ensure risk is managed, and digital assets are protected, businesses should consider their existing frameworks, governance, and control models,” says Andrew. “With proven frameworks and models embedded, there is more chance that the continuation of these controls will provide some level of risk management and stability.” Andrew has a checklist for businesses without a CISO: 1 Understand how the digital strategy fits the overall business strategy and

underline the dependencies and interconnections. 2 Put together a comprehensive database of what market data and insights their digital strategy is based on. This ensures a business is only using relevant and trusted data to inform business strategy. 3 U nderstand the scope for execution beyond the traditional roles of a CISO. For example, do the resources in middle management exist to execute a plan if provided to them by an outgoing CISO or outsourcing company? “If the chosen path is to outsource, companies should strongly consider how they are ensuring governance, control, and best-in-breed advice for their preferred supplier,” says Andrew. “Does the outsource supplier have the transparency to enable these controls to be owned by other C-suite members? “With the path to finding the right talent becoming increasingly complex, there is a space for outsourcing if you believe transparency and control can be achieved alongside true partnership that enables the business to achieve the transformation to remain relevant.” n

Andrew Smith CISO

kyoceradocument solutions.co.uk

If the chosen path is to outsource, companies should strongly consider how they are ensuring governance, control, and best- in-breed advice for their preferred supplier. “ ”

Cryptographic technology obtains certification

Kyocera Document Solutions Inc. has announced that the integrated circuit developed by Kyocera primarily for use in A4 multifunction products and printers has obtained certification under the information security standard ‘FIPS 140-3’, established by the US National Institute of Standards and Technology. FIPS 140-3 specifies advanced information security requirements for the design and implementation of cryptographic modules and is widely adopted

as a standard in groups requiring extremely high levels of information protection, such as government agencies, financial institutions and medical organisations. With this certification, Kyocera demonstrates that its cryptographic technology meets the rigorous, internationally recognised information security standards necessary to appropriately protect highly confidential information. n

printinthechannel.co.uk