Enterprises labor under the new expectations of the modern digital security paradigm—SIEM, security analytics, threat detection, threat intelligence, network visibility, etc. Keeping up with the demands of securing globe-spanning networks and bring-your-own-devices culture can be a headache. The alternative, however, is a far more serious pain.
Enterprises know the longer a threat dwells on their network, the more profound the damage their databases, customers, and clients suffer. Compounding their fears, a threat can dwell on an enterprise’s network for months or possibly years before it is discovered. Further, data breaches can cost companies millions in recovery and remediation—not including lost business from diminished customer trust.
Given the proliferation of cyber attacks in the current marketplace and the lingering repercussions of a data breach, many professionals are asking: should C-Level leaders be held responsible for cybersecurity?
In many ways, C-Level leaders are already being held responsible for their enterprises’ cybersecurity policies. The Economist Intelligence Unit found that 40% of executives believe their board of directors should be responsible for cybersecurity. 96% believe their boards aren’t spending enough on cyber resilience.
Emphasizing this projected responsibility, Kaspersky Lab discovered 32% of corporate data breaches in North America led to the firing of C-Level leaders. At the large enterprise level, 27% of those C-Level leaders were senior executives and not affiliated with IT departments.
While employees in general often lose their jobs in the wake of a breach, such high percentages should give C-Level executives should give pause. If, as Kaspersky Lab has found, 42% of enterprises dealt with a data breach last year, then your enterprise is at risk…and therefore so is your job.
C-Level leaders need to, therefore, make cybersecurity a crucial focus in their daily business practices and strategies. If you are one such leader, know that your employees, customers, shareholders, and clients already hold you responsible for your business’ threat detection. So make it your own. Evaluate your SIEM solution for optimal threat intelligence, threat monitoring, and network visibility. Check in with your security team to see what they need to best protect your enterprise.
It’s no longer a question of if you and your fellow C-Level leaders are responsible for cybersecurity. It’s a question of how you want to take responsibility.
Latest posts by Ben Canner (see all)
- How SIEM Improves Business Incident Response Plans - June 3, 2020
- Revisiting Whether SOAR Will Replace SIEM in Business Cybersecurity - May 29, 2020
- Changing SIEM From Reactive to Proactive with Threat Hunting - May 27, 2020