Global Compliance , Governance & Risk Management , Leadership & Executive Communication
ISACA 2021 Report: Top Trends, Improving Cyber MaturityJenai Marinkovic Discusses Highlights from ISACA's State of Cybersecurity Report
Key challenges from the recent State of Cybersecurity 2021 include, "Integrating risk with maturity and keeping up with industry trends," says Jenai Marinkovic, member of the ISACA Emerging Trends Working Group.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
"It's oftentimes difficult for leadership to delineate between your capability maturity and your compliance level, because we've been pushing compliance, and compliance is oftentimes one of the big business drivers for an information or GRC capability," she says.
Not all parts of a program need to have the same target maturity level, according to Marinkovic. "Based on the output of your risk assessment, you can pinpoint exactly where you need to have the most mature part of your cybersecurity capability, and that's a way that you can leverage a risk assessment to help you move forward your capability maturity assessment and begin that dialogue with executive leadership."
In a video interview with Information Security Media Group, Marinkovic discusses:
- Key highlights from the ISACA State of Security 2021 Trends Report;
- The challenges of assessing cybersecurity maturity;
- Why investing in your people is crucial to improving your cybersecurity capabilities.
Marinkovic is vCISO & vCTO at Tiro Security and a member of the ISACA Emerging Trends Working Group. Her background includes building and managing engineering, information security, and innovation and product development organizations. She has built and managed large enterprise security capabilities, including information security program management, security governance, security research and innovation, consumer product security, architecture, engineering, testing and assessment, security operations, threat management, cyber defense, incident response, forensics and e-discovery.