Virus and malware defense has long been viewed as a purely IT problem. Even though some organizations appoint Chief Information Security Officers (CISO), the fact remains that information security is often viewed as a challenge that lies well below board or C-level attention.
However, the events of recent years have highlighted the danger of this viewpoint. With the FBI warning corporations that they are at risk and so many high-profile victims in the news, organizations, led by their CEO, must integrate cyber risk management into day-to-day operations. Additionally, companies must take reasonable measures to prevent cyber-incidents and mitigate the impact of inevitable breaches.
The concept of acting “reasonably” is used in many state and federal laws in the United States, Australia, and other countries. Blaming something on IT or a member of staff is no defense. CEOs are responsible to restore normal operations after a data breach and ensure that company assets and the company’s reputation are protected. Failure to do so can open the door to legal action.
Let’s put it in these terms. A cyber breach could potentially cause the loss of a bid on a large contract, could compromise intellectual property (IP) and loss of revenue, to name just a few of the repercussions. That places cybersecurity firmly at the top of the organizational chart, similar to all other forms of corporate risk.
No matter the size of the company the involvement of the CEO and communication with their staff is critical in the leadership, lively hood and company success.
Next post find out ~ Technology vs. The Human Firewall..Think Before You Click!
Tina Louise ~ www.cloudplusservices.com ~ 888.871.6584