There is little doubt that better governance of technology leads to better business outcomes. More than 9 in 10 respondents in ISACA’s new Better Tech Governance is Better for Business research affirmed that reality.
But how can organizations ensure that they’re leveraging technology successfully, beginning with effective oversight from the board of directors?
The majority of ISACA’s survey respondents identified ensuring alignment between IT and stakeholder needs and establishing a clearer connection between business goals and IT goals as leading priorities that should drive organizations’ governance of technology.
That starts with a firm commitment to strong governance at the board level. This approach is an absolute necessity for all enterprises that intend to compete – and survive – in today’s technology-driven business landscape.
It can be challenging, however, for organizations to bring in board directors with the level of technology savvy needed to make sure that the right issues are being addressed and the right questions are being asked when it comes to making technology-related investments, and addressing key business imperatives such as cyber security, risk management and digital transformation.
Finding at least one board member with technology expertise can be a real difference-maker for the organization. This will naturally become easier over time, as digital natives grow into leadership positions, but can be a real challenge for now. Organizations should aggressively leverage their networks and tap into industry professional associations to find prospective board directors with much sought-after technology backgrounds.
What organizations must not do is bring aboard a “token geek” – that is, a person who is well-versed in technology but otherwise thoroughly unqualified to serve as a board director. Companies that have tried going this route end up with somebody who is ill-suited to be a board director and needs to be educated around the majority of discussions, detracting from the board’s overall efficiency and leadership capabilities.
A better option, provided an organization is struggling to secure quality board directors who are tech-savvy, is to work with outside experts who can bring that level of expertise to the board room. Organizations seeking technology consultants with instant credibility often turn to large, global firms that regularly provide this type of guidance to boards of directors.
An encouraging trend in enterprise governance of technology has been the evolution of CIOs and CISOs. In recent years, these leaders have elevated beyond technology honchos to become true business leaders, as well as excellent resources for boards of directors. The CIO or CISO should regularly be updating the board of directors about front-burner technology threats and opportunities that require board oversight. With the explosion of cyber security and emerging technology risks in recent years, the relationship between the CIO or CISO and the board of directors is one that organizations have to get right, or the consequences can be dire.
Aside from the board’s composition, organizations striving toward that critical connection between business goals and IT goals can benefit from governance frameworks such as COBIT. ISACA research participants identified risk management, cyber security and business and IT integration as the top three areas that benefit from a governance framework.
Effectively leveraging technology is the common denominator in today’s global economy. Beginning at the board level, organizations must determine their path to strong governance and prepare for the flurry of technology-centered challenges and opportunities that will only accelerate in the years to come.
Original blog sourced from ISACA Now Blog https://www.isaca.org/Knowledge-Center/Blog/default.aspx
Robert Clyde, CISM, Vice-Chair of ISACA’s Board of Directors, Executive Chair of White Cloud Security and Executive Advisor to BullGuard Software
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.