It's Time CIOs Get Real About Data Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IT Leadership
02:00 PM
Connect Directly

Itís Time CIOs Get Real About Data Security

Your company's success in securing its data and network could depend on how the CIO delivers security messages to their peers in the C-suite.

Considering how the past few years have gone, it came as no surprise that the first half of 2017 has already been a terrifying ordeal in terms of the state of IT security. The WannaCry ransomware attack dominated headlines around the world becoming the largest and fastest growing malware in history. Additionally, data and infrastructure security professionals are being inundated with a constant stream of newly identified security flaws on hardware and software deployed on production networks.

It's safe to say that our battle against cyber-criminal activity is not going as well as many had hoped. It then begs the question, what approach, from a messaging standpoint, should a CIO take when discussing data security with other C-level execs and stakeholders? While some CIO's might choose to put on rose color glasses and pretend everything is just fine, others are beginning to take a more realistic approach.

Image: Pixabay/Geralt
Image: Pixabay/Geralt

The times are long passed where IT leaders can simply plead ignorance when it's discovered that their infrastructure has been breached. That's why I'm often shocked to still hear CIOs boast about how “tight” they believe their security to be. Clearly, this is the wrong approach to take -- even when uttered behind closed doors. Instead, enterprise networks should be looked at as living, breathing entities. They may be completely healthy one minute, yet succumb to a virus the next. Even when considerable time, money, and effort are spent to secure a network, there’s always going to be a weak point. Even with advanced artificial intelligence to aid in the fight, malware authors are managing to find plenty of ways to evade prevention mechanisms. The bottom line is, we should assume that if someone wants to break in -- they'll undoubtedly find a way.

But at the same time, a CIO can't simply throw their hands up and tell stakeholders that the sky is falling and all hope is lost. Instead, they must paint a picture that IT security is an area of IT that’s in continuous fluctuation. Furthermore, they need to convey that two key factors play a role in whether the organization is more or less at risk from an attack or breach. The first factor is the speed at which the organization can respond to a threat. This is a wide-reaching consideration that covers multiple areas of IT security, including tools automation, staff skillsets and escalation procedures. Speed is everything in a field where every millisecond counts.

The other factor that significantly impacts the risk an enterprise organization takes regarding data security lies in the contingency plans and procedures that are enacted once a breach occurs. Because we can't possibly plug all holes that are exposed to the bad guys, threats can be significantly minimized using contingency plans. For example, if an enterprise organization maintains isolated, offline backups, they are largely immune to malware exploits. Other contingency plans can address DDoS or virus outbreaks. These days, contingency plans are as important as the security tools put in place to prevent the security threat in the first place.

If you’re a CIO – and you want to “stay out of the headlines” – the way you message data security threats can work to your advantage, if it's done properly. Instead of putting on that fake smile when telling everyone how there’s nothing to fear, it may be beneficial to be far more honest with stakeholders. That way, their expectations are more in line with the actual truth and less in line with false expectations that nothing bad can ever happen. Let them know about your strengths, weaknesses and keys to success. By doing so, you might find that injecting a dose of reality can help build relationships that foster more interest and support in the protection of company data moving forward.

Andrew has well over a decade of enterprise networking under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-outs and prior experience at organizations such as State Farm Insurance, United Airlines and the ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
6/14/2017 | 1:47:16 AM
Microsoft live chat support
Thanks for sharing the data security.It is a very great article and it's very nice
Python Beats R and SAS in Analytics Tool Survey
Jessica Davis, Senior Editor, Enterprise Apps,  9/3/2019
IT Careers: 10 Places to Look for Great Developers
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/4/2019
Cloud 2.0: A New Era for Public Cloud
Crystal Bedell, Technology Writer,  9/1/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Flash Poll