Why CIOs to be proactive not reactive to cybersecurity threats

Kenneth Corbin

"Look at the headlines -- breach after breach after breach. And so these issues today are becoming CEO and board-room issue. They are not dealt with strictly in the environment of the IT world, so the more that senior leadership in terms of CEOs and chairmen of the board and board advisors become involved in these issues, well that puts a lot of pressure on being right."

Davis echoed Howard's call for a comprehensive risk analysis, mapping out the different segments of the network and examining the needs of the enterprise along with the security concerns. That holistic approach to protecting a firm's digital assets has the added benefit of bringing together teams that sometimes work at cross purposes.

"It helps to bring the information technology people and the cybersecurity people together. Often, they are two communities that are at odds with each other. One's trying to get an organization to perform, the other one's trying to slow it down to make sure it's secure, and often it's a win-lose situation," Davis said.

"This gap analysis enables them to both come together and look at it from a common perspective. How do we as an organization safely enable what we need to do to do our business?" he added. "The other thing that it does is once you have this gap analysis, it enables you to essentially have a scorecard for your organization so that leaders -- the CISOs and the CIOs of an organization -- can use the results of the gap analysis as kind of a scorecard in terms of risk management posture for the organization. And it's a great tool that they can use to brief the leadership of the organization."

Previous Page  1  2