SECRETS OF THEIR SUCCESS
The democratization of
security
It's no secret that the responsibilities of security and risk management
executives, like CISOs, CSOs, and CTOs, are dramatically expanding.
Not only are we accountable for being preemptive and vigilant against security
threats and safeguarding business networks, we're now rapidly evolving to
become stewards of our organization's brand, strengthening its reputation
while also building board credibility and customer trust.
In my more than 12 years as CISO of Amazon Web Services, and now CSO
of Amazon, I've partnered with numerous AWS customers in their cloud and
security journeys. I've come to recognize some standout organizations that
are taking on this transformation remarkably well. I've also been able to see
firsthand how they're doing it.
What do we mean by successful security organizations? These are companies
that are improving their risk posture at a more efficient rate than others,
while, at the same time, optimizing their use of cloud to create new forms of
business value at a faster pace.
The three key traits of
highly successful security
organizations:
1. They are forward-leaning with audit
and legal
2. They leverage automation
3. They practice agile decision making
2