Many chief information security officers view their responsibilities through the NIST model of Identify, Protect, Detect, Respond, and Recover. The old days of breaching a network’s perimeter technologies and slowly hacking laterally across systems is less of an emphasis thanks to the cloud. With stolen credentials, a device is often one hop from accessing the crown jewels of privileged data in the cloud. Educating software developers into better practices is key, and a strategic initiative is securing applications with DevSecOps. “A CISO’s operation involves spotting the noise of false positives and low-priority breaches,” says one CISO.”]
Source: https://www.darkreading.com/cloud/5-cybersecurity-ciso-priorities-for-the-future