CIO ... Only Until the Next Data Breach

Bob Fecteau, CIO, SAIC
441
711
153

Bob Fecteau, CIO, SAIC

Today’s chief information officers (CIOs) operate in digital  environments that are riddled with cyber threats. They face a  daunting new reality– one where the next cyber-attack against  their company, and the public’s reaction to it, could make or  break their careers.

Hype vs. Reality 

Cyber security is no doubt a significant global challenge, but I question  whether we are expecting too much from our IT professionals and if we  are giving them proper support. With the public moving toward a zero-fault  position, cyber security has become an overwhelming focus for CIOs– and  increasingly for CEOs, CFOs, boards of directors, and shareholders. A view  is emerging that protecting a company’s data from intrusions, breaches,  and viruses falls squarely on the CIO and their team. Nothing could be  further from the truth. It is a total team effort that must become part of an  organization’s DNA.

During the recent cyber-attack against the U.S. government’s Office  of Personnel Management data systems, the public criticized OPM for  compromising the data of millions of active and former government,  military, and contractor personnel. Critics were quick to point fingers, but  failed to recognize the challenges associated with securing this type of data  in an increasingly complex digital world.

As the House Oversight Committee grilled OPM Director Katherine  Archuleta over exactly how many records were compromised (ranging  from 14 million to 20 million), the complexity of the challenge was missed.  The truth is, it does not matter how many records are compromised. A  single record breached is too many and CIOs work diligently every day to  ensure data is as secure as possible.

 “CIOs, CISOs, and corporate leaders face the   complex task of understanding every system, computer, and connection point, and then   knowing what each one is supposed to be doing   in a network”   

The focus should not have been on numbers, but how the breach was  dealt with. When security is compromised, CIOs and their teams have to act  fast, smart, and decisively with prepared and tested remediation plans that  safeguard those affected, ensure a resolution, and protect other areas that  could also be vulnerable to the now known threat. Leaders at all levels must  know these plans and procedures and be ready to execute them in these  situations. Archuleta, who had held her post for 17 months, was not able  to do that. Demands for her resignation came quickly, demonstrating how  vulnerable leaders are to a cyber-event.  

Read Also

The Strategic Choice in Your IT Career: Deep or Wide?

Steve Brunker, CIO, LSI Industries

IT Being a Game Changer in Field Service

Libba Sapitsky, SVP-Customer Care, North America, Siemens Healthineers

Our Most Valuable Resource

W. Ryan Snellings, VP, Field Services & Support, Fresenius Kabi

Leading UC Projects Focused on User Experience

Jeffrey Babe, Sr. Director, Professional Services and Field Services, Polycom