Oscar Wide discusses the CISO challenges at AFRY
As we prepare to host our first CIO Europe event in Stockholm, Sweden in March 2020, our Head of Production for Europe, Craig McKenna, recently spoke to registered attendee Oscar Wide, CISO at AFRY on the issues in the IT & Security industry which are most prominent in the Nordics region.
Oscar describes himself as a results-driven leader with a passion for cyber security, innovation and creating business value and lists his key competencies as including but not limited to risk management, IT strategy, Vendor management & Business relations. Oscar joined AFRY as CISO in October 2018 following IT consultancy and managerial roles in industries such as management consulting, insurance/finance and healthcare and is also a Board Member at the Cloud Security Alliance.
When asked about his biggest challenges currently, Oscar Wide, CISO at AFRY, explained that his company has recently gone through a merger and so the new legislation and requirements associated with that are high on his agenda as well as the cultural changes that will inevitably come with the amalgamation of another company.
Oscar also explained that ‘at the core it’s about integrating two IT security environments into one, a big challenge, but also a CISO’s dream come true to be able to re-design the security environment into a holistic concept that is prepared for a new cyber decade. Oscar also points out that to be successful in driving change, one has to have good communication of vision, empower action, build momentum on quick wins and celebrate success along the way.
’Also it’s important to have laser sharp priorities, or one will end up with double the amount of work without getting a return in value.’
Following recent CIO Europe events in Berlin, Paris and Zurich, the question of where the CISO sits within an organisation has become an interesting discussion. In terms of the Nordic region, Oscar explains that ‘it is changing a lot, at least in the Scandinavian countries. I think it is becoming more of a change to have the CISO outside the IT function. I know some of the larger Scandinavian companies are making that switch to become more risk management oriented in the leadership suite.
At AFRY, from the start, the decision was made to have a more holistic perspective because having the CISO report to the CIO can be a conflict of interest. The CIO’s main role is to deliver good service to the business quickly while the CISO maintains the quality of security at a high level. Risk needs to be managed in a way so that you can weigh it against value.’
Our CIO Europe event in Stockholm, Sweden takes place on Thursday 5th March 2020. If you are interested in learning more about this event, click here.