As data breaches continue, how can organizations protect their valuable information?
In 2013, 40 million credit cards and 70 million customer addresses, phone numbers and other personal data were stolen from the Target corporate systems. Three years later, data breaches show no sign of slowing, with LinkedIn and the IRS only two of the latest in a long list of organizations whose data has been compromised.
To avoid becoming the latest data breach statistic, organizations need to take concrete steps to prioritize security. One step organizations can take is making the CISO (or head of security) a direct report to the CEO, rather than reporting to the CIO. Although security falls under the IT umbrella, making the CISO and CIO peers helps ensure security considerations get an equal voice compared to other IT projects. If the CIO has the final word, determining the effective balance between IT operations, project deadlines and security could get slanted. It’s especially important to avoid this when security measures have the potential to slow down other IT projects.
Designating the CISO and CIO as peers may seem like a novel idea. But as security threats continue to evolve, reporting directly to the CEO will help the CISO ensure the company is ready to meet these challenges.
Mark is the founder and CEO of Traust. His role is to foster the human and purpose-focused connections with leaders and client teams that enable them to lead sustainable and transformation change in their organizations. Mark partners with Traust's clients in a manner that is inclusive, collaborative, and transparent, with the ultimate focus on delivering business value.