In the ever-changing landscape of enterprise security, a familiar figure has emerged, known to most Chief Information Security Officers (CISOs). This character’s primary function is to veto, saying ‘no’ to various tools and technologies, from AI-powered solutions like ChatGPT and DeepSeek to file-sharing platforms favored by product teams.
Historically, this approach was perceived as a security measure, with the goal of minimizing risks and protecting company assets. However, as we navigate the complexities of 2026, it’s becoming clear that this ‘Doctor No’ mentality is no longer tenable.
The role of security teams is shifting from simply blocking access to enabling secure usage of innovative technologies. This requires a more nuanced approach, focusing on risk management and mitigation rather than outright denial.
As companies strive to stay competitive in a rapidly evolving digital landscape, the need for a balanced security strategy is more pressing than ever. By moving beyond the ‘Doctor No’ syndrome, organizations can harness the power of cutting-edge tools while ensuring the integrity and security of their operations.
Source: Original Article
