2018 Executive Cybersecurity Resolutions
Last week, we detailed some of the biggest cybersecurity predictions for 2018 and many of those may have left you feeling a bit uneasy about the year to come. Fear not: There are clear ways that you can position yourself in the driver’s seat as you look to steer your organization around the metaphorical cybersecurity potholes (or sinkholes) in the new year. Unlike that fitness resolution you’ve just renewed for the 14th January in a row, these are some resolutions you’ll be in a good position to see through over the next 12 months.
Finally Complete Your Cyber Risk Scorecard
Do you know the current risks to your business? I bet you do. You’ve detailed compliance, financial, strategic, operational, and reputational (brand) risks ad nauseam. Not so fast. Have you really thought about how cybersecurity plays into all of those areas of risk? Cyber risk is not a new area of risk, but rather an influencer to all of the other risks you’re already considering. One of your first thoughts and promises to yourself in 2018 should be to implement or complete a Cyber Risk Scorecard. This exercise will help you to provide a more concrete understanding to what currently feels ambiguous and intangible. Already have a scorecard? Great. Examine how can you improve it so it satisfies the needs of your executive team and of your board of directors.
Befriend Your CISO and Spend 1:1 Time Every Quarter
Befriending your Chief Information Security Officer isn’t just a good idea, it’s good business. The CISO is tasked with the enormous responsibility of protecting your organization’s crown jewels. The protection of your business grows in importance every day and yet the CISO often feels like the black sheep when he or she is (or isn’t) invited to the board room. The average CISO tenure is just 17 months and the position is known for being an organization’s scapegoat. The reality is the perspective of the modern CISO is changing and you owe yourself and your business a real partnership with this leader.
While the typical business and soft skills of the average CISO are improving year over year to compliment technical security knowledge, there is plenty of reason to develop a 1:1 personal relationship with your CISO. Make a resolution to knock down some of the walls between you and what’s really happening in security, or better yet, build a bridge to the security island that exists in many organizations. Not only will this provide you with an avenue to better understand the business risks associated with cybersecurity, but it also provides the CISO with an opportunity to better understand the business from your perspective.
Improve Your Own Digital Fitness
In addressing the often mentioned “people problem” in cybersecurity, your organization likely has invested in some sort of general cybersecurity awareness training for 2018 (if you haven’t, check out some great training tools from our friends at Ataata). If you’re like a lot of other executives, you might have recused yourself from the organization’s training requirement. View 2018 as an opportunity to hold yourself to the same standard that you expect out of every single one of your employees. After all, aren’t you likely a bigger target in the eyes of a threat actor? If you aren’t willing to go through awareness training, at least seek cyber risk training that focuses on the intersection of business risk and cyber risk and is designed for organizational leaders of your caliber. We can help you out with that.
Be Resolute in Your Resolutions
We named our board and executive training seminars Resolve to describe the action of solving a problem, but also to convey the rigor and dedication that it takes to overcome a challenge. President Truman’s “the buck stops here” sign sat atop of the Resolute Desk inside the Oval office for a reason: he knew that as the nation’s chief executive, he was ultimately the one responsible for ensuring the safety and success of the nation. As you drive your organization down the road of success, let’s muster up some collective executive willpower to stick to these cybersecurity resolutions throughout the year. Let us know what we can do to help.