Cisco: CEOs Need To Be More Accountable For IT Security

Cisco: CEOs Need To Be More Accountable For IT Security
To sign up for our daily newsletter covering the latest news, hacks and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Lifehacker Australia homepage to visit whenever you need a fix.

If your company’s IT security rests solely on the IT manager, Cisco wants this to change. As part of its recommendations to the Federal Government for the 2015 Cyber Security Review, the networking vendor wants to see CEO level accountability for the “integrity, confidentiality and assured availability of data, systems and services” within businesses.

Server CEO picture from Shutterstock

According to Cisco, the increasing number of IT security incidents that has happened in Australia, ranging from data breaches to cloud service disruptions, is detrimental to our economy and society. Pretty serious claims.

On a global scale, national losses from cyber security incidents are thought to be around 1 per cent of the GDP, which Cisco estimates to be as much as $17 billion in Australia. We all know that small businesses are constantly being hounded by cyberattacks and even larger organisations with access to more sophisticated IT security tools are being targeted at an alarming rate.

Cisco is extremely concerned about Australia’s ability to address cybersecurity issues “as most organisations do not have the people or the systems to continually monitor extended networks and detect infiltrations.”

The vendor has made a series of recommendations to the Government on the issue of Australia’s cybersecurity future. One of these recommendations is to, as Cisco calls it, ‘uplift’ cybersecurity leadership:

“Cyber security leadership needs to play a greater role in corporations and institutions. Executive committees and boards need to lead this transformation, whether this is government or business.”

Essentially, the vendor wants top-tier executives to be across the IT security within their organisations. Sounds easy enough, right? But considering many executives do not have a background in IT, making time for something they may not have a clear understanding of may prove to be too onerous.

Chief security officers (CSOs) are still not as common within organisations but company may well think about investing in one. It’s already difficult enough securing internal systems let alone deal with external cyber threats so having one person sitting at the C-suite level looking after that side of the business will take the burden off other high-level executives.

The role of the CSO is on the rise globally as enterprises step up their IT security game as security breaches and downtime can be costly in many ways. It’d be interesting to see how organisations locally will re-evaluate their security strategy in the near future.