Issues for CIOs: IT risk and security Bookmark has been added
Issues for CIOs: IT risk and security
Giving cybersecurity the attention it deserves
How can executive management and the board become more engaged on IT risk and security?
February 13, 2019
Technology topics addressed at most recent board meeting by chief information officers (CIOs)
With massive data breaches routinely making headlines, one of the most important relationships in business today is among CIOs, security leaders, and business leaders. Yet organizations don’t necessarily act that way.
Our 2018 global CIO survey found managing IT risk and security was a lower-than-average IT priority, despite having higher-than-average perceived expectations from the business. In addition, CIOs don’t believe cybersecurity is a high priority for their business leadership, or that chief information security officers (CISOs) are important to driving digital initiatives.1 This suggests that CIOs are saying the right things but, when it matters, they’re prioritizing other issues like performance, customers, and innovation.
The good news is almost three-quarters of CIOs in the technology, media, and telecommunications (TMT) industry say their IT function has a strong relationship with security, and that investments in IT risk and security are strategic. However, both IT and business leaders should realize cybersecurity should be integral to every digital initiative. Well-developed strategies and broad digital transformation efforts can be easily derailed by security issues if not properly addressed from the beginning.
First, CIOs and CISOs should effectively communicate with each other, their executives, and boards. That doesn’t happen enough today. Even though chief executive officers (CEOs) and board members say
Second, organizations can’t sacrifice security for speed, leaving security leaders on the hook once the rest of the C-suite has decided what to do. CIOs need all relevant colleagues at the table to help guide the process. For example, many organizations are employing artificial intelligence (AI) for their products and operations. Yet fewer than half build cybersecurity into AI projects, even though it’s identified as the top risk.3
When it comes to cybersecurity, one mistake can cause years of pain for an organization. Elevating cybersecurity performance requires all hands on deck, working collaboratively and deliberately. It’s when leaders rush initiatives to gain an edge that they can risk making headlines for the wrong reasons.
This charticle authored by David Jarvis.
Want more CIO content?
Explore our full collection now
To help CIOs and technology leaders keep pace with the latest developments and trends, we offer a mix of innovative thinking, perspectives, and practical advice for CIOs—all designed to help you turn new developments in the IT landscape into more value for your business.
Are consumers waiting for the next wave of innovation?
Younger viewers love sports, and advertisers pay big to get in the game