The Tenth (& Final) Question Today’s CEOs Should Ask (& Know the Answer To)

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

In previous blogs, we discussed Commander’s Intent for CEOs and introduced 10 questions CEOs should be asking their teams.

This week covers the final question in the series but does not complete the cybersecurity conversation for CEOs. This should never end. Security must be an ongoing program that changes over time with your business. I’ve tried to keep these blogs concise because I understand how valuable your time is. That being said, security professionals need your help building a culture that supports security and minimizes cyber risk. In today’s world, cyber is business and cybersecurity keeps the business up and running. We must evolve our thinking at every level to achieve the goals of information security.

Today we ask the tenth (and final – for now) question:

“What do I need to know today that I don’t already?”

This question will give the team managing the security and availability of your systems the ability to bring up anything that may have changed or that you may need to know.

CEOs and executives continue to be targeted. The most famous attack group is “Dark Hotel.”  This group has been around for more than 10 years and continues to change tactics to target CEOs and business travelers around the globe. Threats vary depending on what your company does, who you work with, and where you do business. Asking this question will allow the team an opportunity to give you information to help protect you on travel or at home.

Certain parts of the world are a cesspool of malicious actors waiting to go after your data as soon as you connect. Allow your team t to educate you and give you situational awareness. If you were going to a part of the world where the chances of physical kidnapping were high you would probably want to know, right? You may take steps to protect yourself from it. Cybersecurity is no different except most organizations can’t see the crime until it makes the news.

Cybersecurity is fast moving and what was true yesterday may not hold to be true today or tomorrow. Projects may fail to achieve goals. People may come or go in the organization. New applications are launched all the time. The bad guys are crafty. They share data, change rapidly and it can be very hard for companies to keep up.

Sometimes, these rapidly changing circumstances require something to take priority that didn’t before. Maybe it’s a patch that needs to be put out in the middle of a work day, maybe it’s less intrusive. Whatever the case may be (and don’t be fooled), there will always be a case. Asking this will give them an opportunity to explain the issue and get support for the path ahead. The team will need an opportunity to bring up anything not previously covered by the other nine questions.

I wrote this series to educate business leaders out there. I see a lot of mistakes being made. I see the same things tried over and over and results that end up costing everyone. It’s almost everyday we hear about another breach and, as a consumer, it worries me how these incidents are being handled. Breaches will happen. Make no mistake about that. Consumers aren’t asking for perfection, but they are asking for honesty and transparency when it comes to their data. Don’t ever forget that some other CEO is responsible for your data. None of us depend on our teams alone. I encourage all of you to meet and talk about cybersecurity as well as business development.

CEOs are being fired for cyber negligence now. They have appeared on Capitol Hill. Consumers are demanding secure and private data. National security compels positive action on cybersecurity. You may not think you are a target, but consider someone you do business with. Consider your customers. Consider our  democracy.

There are no shortcuts in cybersecurity. It takes a steady focus on the people, processes, and technology in your organization. It takes everyone in the organization playing their part to mitigate risk. We need more leaders to step up on this issue. We can’t do this without you. We need leadership from the top down to achieve a world safe from cyberattacks. As a leader you must think of cyber risk the same way you think of business risk. If you begin to do that, I can’t promise there won’t be bumps in the road but they won’t hurt as bad when you do hit them.

Cybersecurity is about constant iteration, failing fast, and making rapid changes. If you can help create and foster an organization that embraces cybersecurity, you have a real shot at staying secure for the entire lifespan of your company.

Consider that the biggest risk to your company from a technology perspective is cybersecurity. It’s up to you to build an organization that’s resilient from cyberattacks. In the end, it always comes down to leadership.

The post The Tenth (& Final) Question Today’s CEOs Should Ask (& Know the Answer To) appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
66 Followers
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.
Promoted Content
7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Everyday companies put more of their assets in digital form. Healthcare records, retail purchases and personnel files are just some of the many examples of how our entire lives have moved online. While this makes our interconnected lives more convenient, it also makes them more vulnerable to attack. The monetary benefits of exploiting these vulnerabilities have created an extremely profitable underground economy; one that mimics the same one we all participate in and has led to an increase in the sophistication and frequency of attacks. At the same time, mobility and cloud are changing the security landscape. We’ve moved from a centralized to a decentralized model as end users increasingly work on-the-go and access critical business applications and resources from anywhere. As such there is more emphasis on the endpoint and individual identities - from both the defender and the attacker - than ever before. As endpoints become smarter, new challenges emerge: emerging ransomware and 0-day exploits infect all kinds of systems with ease, while many attackers use no malware at all to accomplish their malicious goals. With all this change, we spoke to 7 leading security experts to identify what’s working and how they’ve influenced their organization to make the necessary changes before becoming the next victim.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel