Data Security Requires Strong Leadership and CEO Involvement
Published: September 16, 2016
Even after notable data breaches, few businesses have implemented the policies or procedures to protect customer, employee or corporate data. Boards of directors and chief executive officers (CEOs) often delegate, and hope, that their team of IT experts has the skills and technology to keep data safe. However, more CEOs are developing a hands-on approach, taking a leadership role toward guiding security measures and reducing risk.
CEOs have a lot on their plates and few are likely to have a strong IT background. However, taking a hands-on approach to data security is becoming a priority for many CEOs. As noted in "Business Leadership in a Tech-Driven World: How CEO's Can Manage Proactively to Protect Data and Build Customer Confidence," Target experienced a significant data breach in 2013 that compromised the personal data for 70 million customers with 40 million stolen credit card details. Although Target's security team received indications of potential weaknesses, they failed to take action and hackers were able to install malware on point-of-sale terminals.
Strong Leadership, Policies and Technology Can Protect Data, Reduce Risk
The CEO can take a proactive step to protect corporate, customer and proprietary data by hiring a chief information security officer (CISO) and, when necessary, working with outside technology experts to assess data security. An investigation of technology and procedures, and evaluation of business processes, can highlight potential weaknesses in security. The results of these investigations can be shared with the board of directors and the IT team or chief information officer.
Then, a strong security plan can be created to address specific business activities and the risks that may be encountered in your business sector. As new issues, concerns or other developments pertaining to data security arise, these issues can be discussed and appropriate steps can be taken to strengthen defenses.
As Target learned, controls on user authorizations should be established and reviewed regularly. In addition, systematic assessments that show potential threats should be discussed and handled quickly.
Communication and collaboration between the CEO and IT team, and outside experts when needed, can strengthen data security measures, reducing the risk and consequences of a data breach.
Download the eBook and contact us to learn more about establishing strong leadership, policies and procedures, and putting stronger technology in place to protect data.