Structuring organisations to fight cybercrime
The TalkTalk data breach in 2015 was monumental for the cybersecurity industry.
This particular breach resulted in a recommendation that an officer should be appointed with day-to-day responsibility for protecting computer systems from cyber attack. This guidance was not a consequence of the size of the breach. Rather, it resulted from the way in which the immediate situation and the aftermath that followed were handled.
In most organisations, the responsibility of following this guidance has historically fallen to the Chief Information Security Officer (CISO), with support from the CEO. In the wake of the TalkTalk data breach in particular, the CISO was given ‘free rein’ to strengthen the organisation’s cybersecurity capabilities.
The many faces of the CISO
The role of the CISO has come under increasing scrutiny, and with the rise of cybercrime and the growing sophistication of cyber attacks, it’s easy to see why. With so many ‘hats’ to wear and multiple day-to-day responsibilities, it is clear why, as the threat landscape expands, many organisations feel that it’s time to add another role to the C-Suite.
Enter the Chief Cybercrime Officer (CCO). With the need for cybersecurity to become far more central to C-Suite strategies, this new role should ease the load on the CISO and ensure the organisation can get one step ahead of hackers in the cybercrime race. However, organisations must take into account the need for both the CISO and CCO to work in harmony, with clearly defined roles and support from the Board.
Aligning to boundaries
With both the CISO and CCO working towards keeping the company’s data safe from cyber threats, it is essential for each role to be clearly defined. This definition may look different in each organisation: each role, and the teams working with them, should have clear parameters and responsibilities so that in the event of a data breach, the organisation clearly understands the steps that should be taken, and who should take them.
In practice, this should make every CISO breathe a big sigh of relief. Many CISOs would identify cybersecurity as the greatest risk within their role, and when they’re also trying to juggle multiple other responsibilities, it’s a lot to have on their shoulders.
With both roles working in tandem, the next step that organisations need to take is ensuring the CISO and the CCO have enough influence with the Board to make critical decisions and resolve issues immediately.
In a world where cybersecurity threats can’t be ignored, now is the time for the structure of organisations to be properly considered. Has cybersecurity been given enough prominence at Board level? Can decisions be made quickly? Can space be made for both the CISO and CCO to work in harmony? By asking these questions and making changes, organisations can ensure they are in a far better position to keep their data safe and protect their reputation.
This article was contributed by Matt Cable, VP Solutions Architects & MD Europe, Certes Networks.