January 14, 2016 By Kevin G. Joseph 3 min read

With the arrival of the new year comes new changes. Businesses are implementing new sales strategies, new products and services and new management teams. There is no denying that the business landscape has dynamically changed since the start of the 21st century.

Chief executive officers and operating officers can no longer just focus on corporate efficiency and sales strategy. Chief financial officers and compliance officers can no longer focus solely on forecasting and planning. The new cyberthreat landscape requires chief executives to rethink how and who they hire.

https://youtube.com/watch?v=bWjrVXB0ZvQ

Cyber-Conscious Executives

The most dangerous doctrine in business is, “We’ve always done it this way, why change now?” The cybersecurity crises of today choose our leaders. Electing a leader who will protect the enterprise is the most important decision in today’s business environment. When organizations are selecting new executives to take over the top spots in their institutions, choosing an executive with security aptitude must be at the center of the selection process.

As organizations continue to adopt cloud, mobile and analytics solutions, the threat landscape is becoming more diverse and the business more vulnerable. These trends are calling for organizations to implement comprehensive, enterprisewide security strategies. However, before implementing a security strategy, an organization must be sure to select the appropriate chief executives to lead its missions.

In today’s business environment, chief executives lose their jobs when the organization experiences a data breach or damaging cyberattack. Many times, these leaders have made no investment in cyber defense and countermeasures, which left their enterprises vulnerable to malicious actors.

If you’re a gambler and make no investment to protect yourself and your business, then you’re at risk of losing your job when your business is attacked. However, if you’re a cyber-conscious chief executive who is taking proactive measures to increase the security IQ of employees, implement cyber defense solutions and create incident response teams, you have made a much better case to keep your job.

Security Helps Grow the Business

While keeping your job may be your No. 1 priority, retaining your customer base is a close second. In my experience, there are only two ways to grow your business:

  • Get customers to buy more; or
  • Get more customers.

No matter what industry you’re in — financial, health care, energy, education, etc. — cyberattacks and data breaches are among the leading reasons why customers will leave you for a more secure competitor.

Today, if you can’t show customers that you are making a proactive investment to keep their information secure, then I would suggest the customer find another service provider. Their personal information is just too important to risk.

Slow to Hire, Quick to Fire

With this is mind, companies seeking new management teams need to be aware of the consequences of hiring executives who place no focus on cybersecurity.

  • Chief executive officers and chief operating officers who have poor security policies are likely to see a loss of market share and reputation, increased legal exposure and disruption in business continuity as a result of a data breach.
  • Chief compliance officers and chief financial officers can expect failed audits, fines and drastic financial loss.
  • Chief information officers will see an impact to data and systems as well as disruptions in confidentiality, integrity and availability of infrastructure.
  • Chief human resource officers and chief marketing officers can expect a violation of employee privacy, loss of sensitive data, loss of customer trust and damaged brand reputation.

Your board and CEO are demanding a cybersecurity strategy. The consequences are too great and your job is too important. Take the time to be proactive instead of reactive. Hire the right people. And remember: The crisis of today chooses our leaders. Choosing a leader who will protect the business is the most important decision we can make in today’s environment.

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today