Cybersecurity Awareness Must Generate From The Top

CEOs can lead management in preparing for and reducing the risk of cyberattacks across all lines of business, potentially affecting their customers, partners, shareholders, staff and company reputation.

cybersecurityIn a cybersecurity situation, your first line of defense may be to call the CTO, but planning and prevention is really an enterprise-wide responsibility. When executives acknowledge that cybersecurity should be integral to the overall strategy of an organization, a culture is created where security isn’t just a cost center or required set of checkboxes, but rather a game plan to better enable the business.

With the right preparation, CEOs can lead management in preparing for and reducing the risk of cyberattacks across all lines of business, potentially affecting their customers, partners, shareholders, staff and company reputation. But how? While cyberattacks are on the rise, companies can mitigate the pending disaster by taking a team-based approach.

Working with executives to prioritize cybersecurity

No entity can simply rely on a firewall or piece of software and expect its security to be fully impenetrable. A layered approach – of people and tools – will be needed to secure the business. Think about it as you would with protecting your home, you don’t just have a gate in the front of the house. You put locks on the doors; you may also have a monitoring system; a motion detector for lights to come on, and more. Securing your business is just as crucial.

Technology plays a critical part of every area of today’s business – no matter what service or product the company provides. Therefore, it’s necessary for companies to assess their systems, and the security of those systems, as an overall business risk.

“as leaders, we need to ensure that cybersecurity is a priority – not an afterthought.”

With ongoing threats, total protection is nearly impossible – at least today – but thwarting an attack is a reasonable goal. Against the most determined adversary, it is truly only a matter of time before, for example, an email with a virus will get through.

With your management team, now is the best time to focus on shoring up walls of defense throughout the company. You can get started with the below checklist:

  1. Assign teams to tackle specific business areas and processes that could be affected. For example:
    1. Finance: List all third-party partners with which the organization exchanges information and funds, and assess how secure the connections are.
    2. HR: Ensure the company directory is up-to-date, including identifying all former employees and making sure their information is removed from all accounts.
    3. IT: Establish a security checklist of “what to look for” when working with third-party vendors. Confirm that all applications are up-to-date and patched, as needed, and the infrastructure is secure.
    4. Legal: Assess all policies and procedures and affirm that they are updated regularly.
    5. Communications: Confirm that communications plans are in place for different scenarios, including approved messages the team can readily use in a crisis.
  2. Put your CISO in charge of developing overall strategy but have each department lead provide input, including documentation for policies and procedures. All business areas must be accountable.
  3. Have your management team contribute to sharing industry best practices from all functional areas with employees; include it in onboarding of new hires.
  4. Have head of HR and IT assess security resources – staff and available consultants – for day-to-day and emergency assignments.
  5. Reevaluate your disaster recovery and business continuity plans. Ensure these are in place and tested; review your incident response plans regularly.
  6. Provide ongoing cybersecurity training for all personnel, customized as needed by department or role.
  7. Identify the cybersecurity technology gaps that exist and outline priorities to address them.

Most importantly, as leaders, we need to ensure that cybersecurity is a priority – not an afterthought. Build a culture where it’s not seen as a roadblock to getting business done but instead, enables healthy business practices.

Alongside this checklist, have the CISO provide a full report to management and the board as to progress of this living, dynamic cybersecurity plan. Within this plan, the CISO should address outstanding fixes, future work needed and tests to be done, to ensure ongoing assessment and, more importantly, to keep it top of mind for all on the leadership team.

Build A Cybersecurity Culture  

At the end of the day, there are many potential risks that could wreak havoc on a company’s infrastructure. Hackers are coming up with new ideas every day to breach systems. As CEOs, the buck stops with us and it’s important to bring the right people to the table to focus on protecting the business and its assets.

Heightening the importance of cybersecurity will lead to better practices and action for improving processes to mitigate vulnerabilities. Taking holistic measures for cybersecurity will allow businesses of all sizes to better prepare for the inevitable. Building a culture with targeted programs geared toward your business needs can protect your resources, investments and reputation in a comprehensive way without overextending your team.


MORE LIKE THIS

  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events

    Roundtable

    Strategic Planning Workshop

    1:00 - 5:00 pm

    We are in a period of rapid change. Customer needs, technologies, competitors and internal capabilities require companies to review and update their strategies for the new realities. In this workshop, strategy experts Steve Rutan and Denise Harrison will show you a systematic approach to strategic planning to help you refine or redefine your business strategy and approach including:

    • Learn what you need to know to develop an effective strategic plan. Put the right players on the strategic planning team.
    • Develop strategies that leverage your company’s unique position in the marketplace. Lift your management team beyond “business as usual” thought processes and activities.
    • Translate your strategies into action. Achieve your vision for success and generate superior financial results.
    • Identify exactly what you need to do now to position your company for future success.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.