If IT Managers and CIO’s (asset custodians tasked with protecting corporate data) genuinely fear for their jobs over data breaches, why don’t they demand the resources they believe necessary to mitigate the risk, or assign the risk to the asset owners. If the CIO’s well-structured business case is rejected, it is clear that the board has implicitly decided to take the risk, so why not ask them to make it an explicit agreement.
The trusty Rust Report last week published a survey by ‘Dynamic Markets’ that found 74% respondents claimed the stress was greater than divorce with 14% saying the stress of losing their job was less than that of losing data!
These are high stakes claims but I don’t think honesty or integrity is prevailing.
Compare this with the Connection Research survey published in the SMH on the same day last week.
This report claims CIO’s (62% for those that get hung up on numbers) are allocating budgets to initiatives such as Social Media and Bring Your Own Device (BYOD) that many believe are over hyped and will add no significant business benefit. Why? Well again it seems CIO’s are scared that their early adopter bosses expect them to do it.
I thought CIO’s were evolving to be leaders at the big table. These two pieces of research suggest they are not bringing the thought leadership and conviction required to their roles.
CEO’s don’t want ‘Yes men’ in their ranks. They need solid recommendations that are material to business success. The CEO will not thank them when they are sitting in a cell, killing time updating the company Facebook profile on their iPad, while waiting for their data breach hearing.
The CIO needs to get some back-bone and concentrate on the things that they claim really matter.
Increasing mandates around the security of personal data have made encryption for every business. Australian businesses are leading the world in the use of encryption to protect backups, payment-related data, and laptops – and yet they still have a long way to go before encryption is both ubiquitous and manageable.
If your last access-control update was even a few years ago, you’re probably more exposed to fraud and exploitation than you’d like to be.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem