Ahmet Gökhan Yalçın’s Post

Journey to the NIST CSF 2.0 🛡️ On February 26, 2024, the U.S. National Institute of Standards and Technology (NIST) unveiled a monumental update with the release of Cybersecurity Framework version 2.0. This pivotal moment marks a comprehensive evolution from its predecessors, significantly broadening the scope to integrate a wider spectrum of organizational types and sizes. What's New in Version 2.0? - Inclusive of All Sectors: The updated framework transcends its initial focus on critical infrastructure, welcoming businesses, government bodies, academia, and non-profits to bolster cybersecurity practices. - Introduction of the Govern Function: Adding a sixth function to the foundational five (Identify, Protect, Detect, Respond, Recover), the "Govern" function emphasizes the strategic management of cybersecurity risks, underscoring the importance for executives to regard cybersecurity on par with financial and reputational risks. - Enhanced Focus on Cybersecurity Supply Chain Risk Management (C-SCRM): A dedicated category for C-SCRM in Version 2.0 underscores the criticality of securing the supply chain in today's interconnected digital ecosystem. - New Tools and Resources: NIST has rolled out an array of tools and quick start guides to streamline the framework's implementation across diverse organizational landscapes, from small businesses to large enterprises. The NIST Cybersecurity Framework 2.0 propels us towards a more secure, resilient cyber future, equipping organizations globally with the tools and guidance needed to navigate the evolving cybersecurity threat landscape. This is more than an update; it's a transformation in how we understand, prioritize, and communicate cybersecurity efforts across the board. #NISTCSF #Cybersecurity #RiskManagement #CyberResilience #DigitalTransformation

Cybersecurity in the Spotlight: CISOs Walk an Evolving Threat Line Amidst Cybercrime Surge At a recent cybersecurity conference hosted by Jamey Cummings and Job Voorhoeve , CISOs Harvey Ewing and Dimitri van Zantvliet discussed the critical evolution of the CISO role in a world where cybercrime rivals major global economies. They highlighted the challenges and opportunities in balancing technological advancement with robust security measures. Van Zantvliet stressed the importance of experience before stepping into a CISO role, emphasizing the continuous nature of the cybersecurity battle. Ewing pointed out the potential for CISOs to transition into other C-suite roles, reflecting the growing recognition of their strategic importance. Both speakers explored the tensions between business enablement and security priorities, advocating for a 'healthy conflict' between CIOs and CISOs to foster collaboration and achieve business objectives. Key discussion points also included the impact of legislation on business, the importance of ethical security practices, and strategies for building a security-aware culture within organizations. #CybersecurityLeaders #CISORoleEvolution #CybercrimeEconomy #DigitalSafety #CISOvsCIO #CybersecurityConference #InfoSec #CyberResilience #EthicalSecurity #CISOCareerPaths

"The CISO is no longer just a necessary evil!" Last week, Amrop's Global Digital Practice quarterly online event explored the theme of "The evolution of the CISO role: CISO as a business enabler." Follow the link for the key take-aways from both CISOs! To find out more, contact the Amrop Digital Practice member in Ukraine - Viesturs Liegis! For more insights on the topic of CIOs & CISOs managing tensions and working together, which we explored together with Amrop's global search partner JM Search, follow the link to our recent study Digitization on Boards 6

🔐 Unlocking Sustainable Success: Insights from Amrop's Digital Practice Webinar Series Last week, Amrop’s Global Digital Practice hosted an illuminating #webinar series titled “#Sustainable Success Stories: Digital Practice - The #CISO.” 🚀💼 In this dynamic session, we delved into the evolving role of the Chief Information Security Officer (CISO) and its impact on #business resilience.   As #cyber threats continue to evolve, the CISO’s responsibilities extend beyond safeguarding #data. They now play a pivotal role in shaping Strategy, Innovation, and Organizational resilience. From navigating #compliance challenges to fostering collaboration, our experts explored it all. Check out the full discussion here https://lnkd.in/ggTSaJ9v Join the conversation! Share your thoughts on the CISO’s evolving role in the comments below. Let’s drive sustainable success together! #LeadershipInsights #Cybersecurity #BusinessResilience #AmropIndia #ExecutiveSearch #DigitalTransformation #webinarseries #executivesearch #CISOrole

While the apparent costs of cybersecurity solutions are often the primary focus during the decision-making process, it is crucial for organizations to recognize and account for the hidden costs that lie beneath the surface. These hidden costs—encompassing complexity, performance degradation, and friction—can significantly impact the overall effectiveness and efficiency of security measures. By adopting a comprehensive risk management approach and thoroughly evaluating both the visible and hidden costs, organizations can make more informed decisions that balance security needs with operational efficiency and budget constraints. #CyberSecurity #InfoSec #RiskManagement #ITSecurity #DataProtection #SecuritySolutions #CyberRisk #TechLeadership #EnterpriseSecurity #SecureWorld

Next week UpGuard is hosting another quarterly Summit. 🤩 If you don't know, UpGuard Summit is a free quarterly virtual event that unites global security leaders to explore the future of cyber risk. 🔐 I'm particularly excited to watch my colleagues Letecia Allen and Michael Tan discuss how companies can mitigate procurement risk and manage human risk. But I'm also looking forward to hearing our keynote speaker Jeff Farinich, Chief Information Security Officer & SVP of Technology at New American Funding. Jeff will be diving deep into cloud security and third-party risk management, sharing valuable insights to help you navigate the challenges and opportunities in today’s fast-changing digital world. As with previous Summits, we're doing this in multiple regions so anyone in the world can join. 🗺 🇺🇲 🇨🇦 🇲🇽 North America: Tuesday, August 20th at 1:00 pm PT / 4:00 pm ET 🇬🇧 🇮🇳 EMEA + India: Thursday, August 22nd at 9:00 am BST / 1:30 pm IST 🇦🇺 APAC: Friday, August 23rd at 1:00 pm AEST Link to register in the comments. 👇 #UpGuardSummit #CloudSecurity #ThirdPartyRisk #CISO #HumanRisk

Meet Daniel Goldenberg, Our Cybersecurity Transformation Leader We’re excited to introduce Daniel Goldenberg, an accomplished cybersecurity executive with over a decade of experience enhancing security programs across regulated industries. Daniel brings strategic insight and technical acumen to address your most complex cybersecurity needs. What can Daniel help you solve? Strengthening Regulatory Compliance:   Daniel has a proven track record in implementing and managing compliance with frameworks such as SOC 2, NIST CSF, PCI-DSS, and HIPAA. He helps organizations navigate regulatory complexities and achieve continuous compliance in a streamlined, sustainable manner. Building Future-Ready Security Architectures: From zero-trust models to cloud security strategies, Daniel designs and implements robust security architectures that align with business objectives. His expertise ensures your organization remains secure and adaptable as it scales. Rapid Incident Response & Risk Mitigation:   Daniel’s incident response and risk management expertise enables your organization to minimize downtime and recover quickly from cyber incidents. His strategies are designed to not only mitigate threats but also build resilience for future challenges. Optimizing Vendor & Third-Party Risk Management:  Daniel ensures that your vendors and third-party providers align with your security standards, helping you manage risks across the supply chain. His approach strengthens partnerships while protecting your business from potential vulnerabilities. Let’s talk about how Daniel can help turn your cybersecurity challenges into strategic strengths. #CybersecurityLeadership #DigitalTransformation #RiskManagement #ComplianceSolutions #Consulting

In today’s world, #cybersecurity is no longer just a technical concern — it’s a cornerstone of business resilience and growth. As cyber threats grow more sophisticated, executive engagement is vital to align security strategies with business objectives. Yet many organizations still view cybersecurity as an isolated technical function, rather than a critical component of risk management and value creation. Having direct cybersecurity representation on the board ensures that discussions about digital risk, resilience, and customer trust include a security perspective. CISOs bring unique perspective on potential threats, regulatory challenges (more on the increasingly hyper-regulated landscape in a future post), and industry trends that directly impact business continuity — and, in some cases, survival. When cybersecurity is part of strategic decision-making, organizations can better prioritize resources, enable secure innovation, and proactively address risks that could jeopardize their reputation and financial health. For businesses looking to protect and sustain growth, making cybersecurity a boardroom priority isn’t just ideal — it’s essential in today’s digital landscape. Food for thought. #Leadership #RiskManagement #CISO #DigitalResilience #Innovation #BoardroomLeadership #WednesdayFood4Thought

Sydney's IT landscape is evolving rapidly, with CIOs and IT leaders in supply chain, manufacturing, and finance facing key challenges. From cybersecurity threats to legacy system management and budget constraints, the pressure is on. NextGen IT Advisors offers tailored solutions to tackle these pain points effectively. 🇦🇺 #IT #Cybersecurity #LegacySystems #BudgetManagement #TalentAcquisition #CloudMigration #NextGenITAdvisors #Sydney #Australia #Manufacturing #Finance #SupplyChain