7 Things EvERY CEO SHOULd KNOW ABOUT INFORMATION SECURITY
Unless you’ve been living under a rock, you probably realize what a hot-button issue information security has become for the modern enterprise. Maybe you’ve already mobilized a C- level security executive to develop a comprehensive security program, maybe you’ve just asked your CIO to get a handle on things, or maybe you’re just fantasizing that security incidents can’t possibly happen to a company like yours. Either way, you probably recognize the magnitude of trouble companies face when a breach, caused by their practices, hits The Wall Street Journal. And like many CEOs, you at least have an inkling that your company has room to improve its security practices.
Currently, there exists a troubling disconnect between information security personnel and top decision-makers within the enterprise. According to last year’s Ernst and Young global security survey, almost one-third of information security professionals never meet with their board of directors, and most meet less than once a quarter with their corporate officers and business unit leaders.
If that sounds like your organization, then keep reading. Hopefully, once you’ve finished this ebook, you’ll see how important your role is in maintaining a secure environment, why it isn’t a good idea to cross your fingers and hope the tech guys have everything under control and why compliance with security regulations won’t solve all of your problems.
As a CEO, I understand the complexities and nuances of leading an organization to profitability and success. And as an expert in the security industry, I also have a clear picture of how the very best businesses protect themselves. These two perspectives put me in a good position to talk to you—CEO to CEO—about the most important components of information security and why you should know about them. There’s no marketing mumbo-jumbo here, just straight talk about a topic that can very well impact your bottom line and the ability for your business to deliver its product to customers.
Chairman & CEO, Lumension Security™, Inc.
TAblE Of CONTENTS
1. Security is a Boardroom Issue
2. The Costs of Ignoring Security
3. Well-Organized & Focused Cybercriminals
4. Increasing Insider Threats
5. Emergence of the Borderless Enterprise
6. Traditional Security No Longer Works
7. Policy and Process Reign Supreme
Conclusion: The Security Role of the CEO