Data is fast emerging as a new economy. Recently, along with the globe, India has seen an increasing string of cyberattacks, cybercrimes and data thefts. Personal bank accounts have been hacked using SIM card information. Banks have been siphoned off cores of rupees in minutes.Skimming devices have been used in ATM to steal details of debit card holders. Popular celebrity sites have been defaced with hate messages.
Safeguarding crime against privacy and data theft is a high priority imperative for government and enterprises alike.With SMAC (social, mobility, analytics and cloud) becoming mainstream AI, IoT and Automation is driving the second wave of digital. This means a new range of IT infra getting deployed at the core, and more at the edge.
Cybercrime is booming. Organisations are investing heavily to tackle the menace. But perhaps the approach is myopic. May be we need a top down approach. For this, CIOs must communicate with the C-level leadership and Board.
It seems to me , that cybercrime is here to stay and multiply into a booming business. And cybersecurity has already grown to be an issue as grave, if not more, than homeland security, So what needs to change?
I feel,cybersecurity needs to be viewed as a board room agenda. It is no longer sufficient that IT deploys a sophisticated antivirus or roll out the trending firewall and hope for the best . Today, it needs a holistic risk management strategy, a structure to support the processes and talent to drive the strategy.
Very few boards have an authentic view on cybersecurity issues. Those that view have a concern on the reports they browse. Quite a few board members may need to gain understanding on cybersecurity issues to providequalified and effective guidance.
And that means, the CIO has to prepare for a board room agendaon cybersecurity thoroughly. CIOs must change their language from talking technical controls to how business and data needs to be secured. They have to present a business case of adverse cybersecurity consequences. Strategy, structure, process and capabilities to mitigate this risk needs to be debated and deliberated inside the board room.
A lot of cyber vulnerabilities exists at the edge, rather than the core. Resources managing IT infrastructure and applications are key to proactively sniffing threats and preventing intrusions. Service partners have an increasing responsibility to collaborate with CIO and his or her team in supporting the plan of action. CIOs need to on-board partners with cybersecurity competence.
In our company, I am investing to build competence and commitment to help CIOs reshape thinking and influence board room agendas.I believe the day is not far, when CIO remuneration will be linked to effective cyber security.