Mind The 'Cyber' Gap...
Yet with the amount of media, governmental, regulatory and police attention the sector has garnered over the last 18 months, it’s a fallacy to think that Cyber Security is the 'new kid on the block'.
In fact, it’s the same person, but wearing a nice shiny new suit with a pocket square and patent shoes!
I recently wrote about how Cyber risks are now not to be regarded as solely the responsibility of the IT function in a business, and how these risks should be treated accordingly and at the right level within the leadership team. With the advent of the EU Revised Data Protection Framework changes in 2018 (how applicable this may be in the light of Brexit I'm unsure),any organisation not taking notice of Cyber risks at Board level will be open to threat and also monetary fines in excess of the current framework penalties within the existing Data Protection Act.
So whilst the operational and business risk of Cyber threats is being escalated,based on the conversations I'm having with thought leaders in Cyber Security and Business Risk, I'm wondering if the actual attraction and also management of the Cyber professionals should be taken out of the remit of the IT leadership of CTO/CIOs?
Healthy conflict is a natural part of the leadership in any business.What has been identified in the meetings I've had, is that given the necessity of organisations to get their Cyber strategy right first time, that positive challenge and 'push-back' has to happen in the context of a business strategy as opposed to a technology context. The professionals I've met have suggested that any senior Cyber hire or even CISO level hires should not be exposed to the CTO/CIOs during the process to banish any thoughts of hierarchy and to engender that proactive,business partnering culture that has the overview of the entire business as opposed to being the view of an IT professional.
This and other topics are crucial for talent discovery and retention in the Cyber space,and we'd love to hear your views. We are looking to host a round-table event in May to discuss this and other topics central to the world of Cyber Security, and simply put, I'd love to hear from you if you have comments on the post above and also if you'd like to attend the round-table event as well?My email is email@example.com and we look forward to hearing from you and meeting you soon...