If you missed the first part of our series (What will be the top cybersecurity threats in 2023?) we highly recommend you go check it out here. ‍

As we look towards 2023, it is important to gain insight from top cybersecurity experts on the emerging threats and trends in the field. In this interview series, we spoke with four leading CISOs in order to gain their perspective on the threats, trends, and their personal goals as CISOs in 2023. Meet our panel of distinguished CISOs who will impart their foresight and guidance on the future of cybersecurity in 2023. ‍ ‍

Two years ago, Kovrr took a unique approach to cyber risk modeling of financial quantification (FQ) and expanded to the enterprise market. After a long time of quantifying risks of portfolios for global insurers and reinsurers, Kovrr was able to build expertise around quantifying risk with specific expertise in acquiring high-quality data to feed our models and fast time to value using automation.

During the last week of December, a threat actor who goes by the name “Ryushi”, claimed to be selling public and private data of 400 million Twitter users, which was scrapped in 2021, using an API vulnerability which was fixed by Twitter in 2022. Since then, Ireland’s Data Protection Commission (DPC) notified that it "will examine Twitter's compliance with data-protection law in relation to that security issue".

‍ Even maintaining current budgets can be hard as companies look for cost savings in non-revenue-generating areas. But you don’t have to wait for a cyber attack to occur to prove that you need to invest in cybersecurity. ‍ Instead, CISOs can demonstrate the ROI of their current spend, and potentially convince other leaders to increase budgets, by using cyber risk quantification (CRQ).

I am yet to meet a CISO who has been given unlimited resources to secure the organization, and in almost all cases, there is more work that can be done to improve security. So given infinite time and resources, how to prioritize the next strategic initiative or project? The increasing maturity of security control frameworks such as those developed by NIST and CIS provide a good structure for maturing a cyber security programme, mapped to preventing common tactics, techniques and procedures .