FOUR-TIME CEO SAYS CORPORATE CULTURE IS THE MOST IMPORTANT DEFENSE IN CYBERSECURITY

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

by Bricata

That culture eats strategy for lunch is an idea often attributed to the late management guru, Peter Drucker. Mr. Drucker may have never imagined the world of cybersecurity we have today, but the power of good ideas is that they hold up over time.

To that end, culture may be the most important factor any CEO has within reach to secure their organization, according to Ben Levitan. Over the course of his career, Mr. Levitan has held the CEO title four different times and influenced many more as a board member and during his tenure as a venture partner at In-Q-Tel.

Mr. Levitan serves on the board here at Bricata, and given his experience in the corner office, we thought it would be useful to sit down for an interview and get his take on what CEOs really need to know about cybersecurity.

1) In doing research for this interview, we noticed some headlines saying in effect, CEOs suddenly care about cybersecurity. Do you think that’s true?

BL: CEOs have cared about security for a long time for three primary reasons. First, the scale of attacks is a steady drumbeat of breaches and a new threat count seems to grow daily. Secondly, the financial impact has grown significantly. And third, cybersecurity is a compliance and reputational risk in every industry and in every organization.

Another key reason why CEOs care more about cybersecurity is the effect breaches have stretched across the business to outside relationships with suppliers and customers. This means security touches more people than ever and CEOs now recognize this risk to their businesses as they are increasingly digitally connected and integrated with customers and suppliers.

It’s worth noting, the pace of regulation has picked up recently which makes security hard to ignore. For example, the General Data Protection Regulation (GDPR) framework comes with significant fines or the threat of significant fines. This affects any organization doing business within the European Union (EU) or with a European citizen – and that essentially means everyone!

2) In the grand scheme of the responsibilities that CEOs have across employees, customers, stakeholders, where should cybersecurity fit on the very long list of priorities that they already have?

BL: In some businesses, cybersecurity fits as an area of business enablement or, more specifically risk, security and compliance. In other businesses, security is closer to the operations function. While cybersecurity impacts business performance and how a business operates, it remains a support function.

Accordingly, many CEOs have a group of people tasked with managing this function reporting to another executive. When a CEO needs to know something, depending on the issue, it is usually the chief information officer (CIO) and chief information security officer (CISO) supported by a cross-disciplinary group that spans compliance, risk management, operations and finance (insurance) that helps the CEO address the incident.

Where organizations sometimes get into trouble is when they address risk management and cybersecurity too aggressively and impose business constraints. Poor password management, access control methodologies and constantly changing cybersecurity policies are a few examples of what I see.

To read the entire post, please click here.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
26 Followers
About Bricata
Bricata is a cybersecurity solutions provider that combines a powerful network threat hunting platform into a comprehensive threat detection and prevention solution to help determine the true scope and severity threats. Bricata simplifies network threat hunting by identifying hidden threats using specifically designed hunting workflows that use detailed metadata provided clearly and eases your transition from the known to unknown malicious activities in conjunction with an advanced threat detection and prevention platform which detects zero-day malware conviction.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel