Leadership & Executive Communication , Standards, Regulations & Compliance , Training & Security Leadership
From IT to Boardroom: NIS2 Reshapes Cybersecurity Roles
Schellman CEO Avani Desai on Preparing Executives for New Security ResponsibilitiesWith the NIS2 Directive fast approaching, cybersecurity has evolved from a technical challenge to a critical business priority for all senior leaders. It's similar to the shift in financial accountability introduced by the Sarbanes-Oxley Act in the U.S., said Avani Desai, CEO at Schellman.
See Also: The CISO Playbook for Cloud Security
In the first of a two-part series on NIS2 regulations, Desai discussed the stringent reporting requirements and compliance challenges of NIS2. In this interview, Desai explains how leadership must integrate cybersecurity into governance and strategic decision-making.
"Before 10 years ago, it was an IT issue. IT fixes it. Now, it's a core part of business strategy," Desai said. "When you start seeing penalties and issues with your stock price going down, it’s truly a business strategy."
Organizations need to provide board-level training specific to their roles and require senior leaders to participate in tabletop exercises to better understand incident response and decision-making during a crisis, she said.
In this video interview with Information Security Media Group, Desai also discussed:
- How cybersecurity has evolved into a core part of business strategy;
- The importance of tailored cybersecurity training at all levels of the organization;
- The role of tabletop exercises in preparing leadership for incident response.
Desai's experience in information security, operations, P&L, oversight and marketing involves startup and growth organizations. Featured in Forbes, CIO.com and The Wall Street Journal, she speaks on topics such as privacy, information security, future technology trends and the expansion of young women in technology.