Cybersecurity Needs Executive Level Attention


Information security has become a problem that demands the attention of C-suite executives and board members alike.
Once upon a time cybersecurity was a problem exclusively entrusted to the IT department. However, today’s increasingly digital landscape has resulted in a much more complex set of responsibilities. Information security has become a problem that demands the attention of C-suite executives and board members alike.
Strategic measures regarding data protection need to be delegated from the top down. Leaderships must show swift and certain action in light of the onslaught of high-profile data breaches over the last year. Moving forward, new legislation could make a top-down approach to cybersecurity less of a suggestion and more of a demand.
The Cybersecurity Disclosure Act was penned by Senators Susan Collins (R-Maine) and Jack Reed (D-R.I.). The bill sets forth legislation that would require companies to disclose information regarding the cyber expertise of high-level leaders, including (but not limited to) boards of directors and general partners, reported The Daily Dot.
A failure to demonstrate at least one leader at an executive level with cybersecurity knowledge would result in a demand for a formal explanation regarding board member and executive selection. Senator Reed believes that these measures will help public companies “recognize the need to have a cyber expert on their board or accessible to their board.”
New legislation could require executive-level leaders to disclose information regarding their cybersecurity expertise.
The ramifications of feeble cybersecurity Government officials became acutely aware of the potential damage insufficient cybersecurity could cause when the Office of Personnel Management was breached last spring. That occurrence was the motivation behind the new legislation, explained The Daily Dot.
This new bout of government interest in information security helps emphasize the ongoing threat poor cybersecurity poses to U.S. companies. Modern organizations are caught in somewhat of a catch-22: the Internet is necessary for business functionality but it is also a leading threat to company security.
The potential cost of a data breach can be crippling – pair that with the reputational damage to a business and cybersecurity incidents have the ability to knock a company to the ground. “Cybersecurity issues can detriment multiple levels of a company’s functionality.”
Executive action moving forward
The message is clear here: Cybersecurity issues can detriment multiple levels of a company’s functionality and this fact pushes data protection far up on the executive agenda. Leaders need to showcase strong leadership as the company policies drafted today could be a leading differentiator from competitors in the future, reported Forbes in an interview with General Manager of BAE Systems Applied Intelligence Scott McVicar.
“One of the main functions of company boards has always been to balance risk against the ability to generate revenue and profit,” noted McVicar. “Companies that are able to affordably balance risk against profitability in this new environment will move ahead of competitors that cannot. Board directors need to ensure they have a flexible, responsive cyber security strategy in place that successfully provides the best possible defense for their business strategy.”
Despite this increasing pressure for executives to get serious about cybersecurity, many organizations are nowhere near ready to implement the delicate strategies that are necessary to protect against various cyber threats. From an overall underestimation of cyber threats to a failure to embrace the digitized world, the slow-to-go approaches to digital transformation will no longer cut it. Leading executives must take the necessary steps to move cybersecurity responsibilities beyond the IT department. This will require executives to clearly communicate the roles every employee plays in cybersecurity. “The worst thing executives can do is simply ignore the problem.”
Moreover, leaders need to begin pushing for further education in the realm of cyber protection. Here at The National Cybersecurity Institute we offer training courses for professionals to prepare for key cybersecurity certifications such as the CompTIA®Security+ certification and the Certified Information Systems Security Professional (CISSP®). This training extending to executive leadership, with a course dedicated to preparing aspiring chief security officers for the EC-Council C|CISO exam.
Cybersecurity is an uncomfortable reality for many business leaders. However, the worst thing executives can do is simply ignore the problem. In the face of ever-growing threats, the best weapon is education. Learn more about how to further your cybersecurity expertise today.
Learn more about protecting your small business or non-profit here.
SOURCES
Drinkwater, D. (2016, January 7). Does a data breach really affect your firm’s reputation? CSO. Retrieved from http://www.csoonline.com/article/3019283/data-breach/does-a-data-breach-really-affect-your-firm-s-reputation.html
Geller, E. (2016, January 27)Washington wants corporations to disclose their boards’ cyber expertise. DailyDot. Retrieved from http://www.dailydot.com/politics/cybersecurity-corporate-board-expertise-disclosure-bill/
Trapp, R. (2015, December 20). In The Digital World CEOs Need To Embrace The Opportunities – And Take The Threats More Seriously. Forbes. Retrieved from http://www.forbes.com/sites/rogertrapp/2015/12/20/in-the-digital-world-ceos-need-to-embrace-the-opportunities-and-take-the-threats-more-seriously/#164d89116a9f