Turning awareness into readiness
There are a number of steps that CEOs need to take to convert this `cyber concern' into `cyber confidence'.
First, CEOs need to ensure their entire senior management team understands that cyber must be a strategic-level priority. The reality is that an organization that implements one-dimensional, tech-focused solutions concentrated on protection alone will miss the big picture and may put the organization at greater risk. Cyber security can't just be a technology problem, but rather it must be a holistic one, by which cyber security considerations are imbedded at the earliest levels of product and service design, so that safety measures and risk assessments are baked into company strategies from the start, rather than letting cyber fears stunt company innovation and digital goals down the road.
Second, CEOs must translate their words into actions by playing an active part in cyber security discussions. That means interacting directly with the executives responsible for cyber including their Chief Information Security Officers, to help understand the key issues impacting the business, champion their work and help deliver their mandates across the business environment not specifically within the technology space. I was so encouraged to hear that 59 percent of our respondents see protecting customer data as a critical personal responsibility. That high level of personal accountability will likely translate into greater engagement by CEOs in the cyber measures developed and managed by their IT teams.
As CEOs take increased personal responsibility for cyber issues, they are acknowledging that there is no alternative. Having recognized the problem exists, it's time to start the real work of fortifying their organization against cyber threats that are no longer a matter of `if' but `when?'