Structuring organisations to fight cybercrime

By Matt Cable, MD Europe, Certes Networks
The TalkTalk data breach in 2015 was monumental for the cybersecurity industry. This particular breach resulted in a recommendation that an officer sh...

The TalkTalk data breach in 2015 was monumental for the cybersecurity industry.

This particular breach resulted in a recommendation that an officer should be appointed with day-to-day responsibility for protecting computer systems from cyber attack. This guidance was not a consequence of the size of the breach. Rather, the guidance resulted from the way in which the immediate situation and the following aftermath, were handled. 

In most organisations, the responsibility of following this guidance has historically fallen to the Chief Information Security Officer (CISO), with support from the CEO. In the wake of the TalkTalk data breach in particular, the CISO was given ‘free rein’ to strengthen the organization’s cybersecurity capabilities. 

The many faces of the CISO 

The role of the CISO has come under increasing scrutiny and with the rise of cybercrime and the sophistication of cyber attacks, it’s easy to see why. With so many ‘hats’ to wear and multiple day-to-day responsibilities, it is clear to see why, with the increasing threat landscape, many organisations feel that it’s time to add another role to the C-Suite. 

Enter the Chief Cybercrime Officer (CCO). With the need for cybersecurity to become far more central to C-Suite strategies, this new role should ease the load on the CISO and ensure the organisation can get one step ahead of hackers in the cybercrime race. However, organisations must take into account the need for both the CISO and CCO to work in harmony, with clearly defined roles and support from the Board.  

Aligning to boundaries

With both the CISO and CCO working towards keeping the company’s data safe from cyber threats, it is essential for each role to be clearly defined. This definition may look different to each organisation: each role, and the teams working with them, should have clear parameters and responsibilities so that in the event of a data breach, the organisation clearly understands the steps that should be taken, and who should take them. 


In practice, this should make every CISO breathe a big sigh of relief. Many CISOs would identify cybersecurity as the greatest risk within their role, and when they’re also trying to juggle multiple other responsibilities, it’s a lot to have on their shoulders.

Making decisions 

With both roles working in tandem, the next step that organisations need to take is ensuring the CISO and the CCO have enough influence with the Board to make critical decisions and resolve issues immediately.

In a world where cybersecurity threats can’t be ignored, now is the time for the structure of organizations to truly be considered. Has cybersecurity been given enough prominence at Board level? Can decisions be made quickly? Can space be made for both the CISO and CCO to work in harmony? By asking these questions and making changes, organizations can ensure they are in a far better position to keep their data safe and protect their reputation. 

This article was contributed by Matt Cable, VP Solutions Architects & MD Europe, Certes Networks.

For more information on business topics in APAC, please take a look at the latest edition of Business Chief APAC

Follow Business Chief on LinkedIn and Twitter



Featured Articles

Twitter timeline – how Musk pulled off a hostile takeover

Elon Musk strikes deal to buy Twitter for US$44bn following four months of cryptic tweets, secret meetings and buying of shares – here’s the timeline

Top 10 Asia restaurants, from Tokyo’s Den to Bangkok’s Sorn

From Tokyo to Bangkok, with cuisines spanning Cantonese, Thai and German, we highlight Asia’s top 10 places to eat, as per Asia’s 50 Best Restaurants

Microsoft: what Asia leaders need to know about hybrid work

Microsoft’s 2022 Work Trend Index guides Asia leaders to navigating a hybrid future – from making the office worth the commute to rebuilding social capital

Meet the company: EV Nio to list in Hong Kong, enter Europe

Leadership & Strategy

12 Tech trends to watch closely in 2022, from CB Insights


Why Deloitte Australia’s HR technology is winning awards

Human Capital