Shutting Down a C Suite Person to Cyber Security

January 7, 2020

DarkCyber spotted an interesting approach to marketing. The write up “Implications for CEOs Who Miss Security Targets” offers words of wisdom from a consultancy doing business as Thycotic. With what does this name rhyme? Note: This is a question, you gentle reader, can answer. DarkCyber thinks stenotic perhaps. The word, as you may know, means narrowing.

With the poetry out of the way, what are the issues related to a “security target”?

One of the main reasons behind this is that there is a disconnect between the C-suite and the IT security team. A lack of effective communication between the two can often result in security targets that are based on KPIs that have little relation to business objectives.

Yes, we have a failure to communicate.

Image result for paul newman failure to communicate

And there is evidence, proof from a sample of 550 “IT decision makers”:

a Thycotic survey of 550 IT decision makers shows that a quarter (26 percent) report that IT security is not prioritized or invested in by their boards as strategically important. Further, more than half (52 percent) of IT security decision makers say their organizations struggle to align business goals and security initiatives. Four out of 10 (43 percent) say their business’s goals are not communicated with them and a third (36 percent) admit that they aren’t clear on what the business goals even are.

DarkCyber can add the following downsides:

  1. The IT person will be given an opportunity to [a] testify and [b] find his/her future elsewhere
  2. New cyber security vendors will be hired, adding to the confusion and complexity for sitting ducks to fend off guerilla hunters working alone, in squads, or for an industrialize criminal organization
  3. Employees will be reminded to change their passwords, zip their lips, and avoid clicking on emails which usually look pretty darned authentic.

DarkCyber’s view is that change, particularly with regard to cyber security, comes slowly for many organizations.

PS. The C suite may be given an overhaul.

Stephen E Arnold, January 7, 2020

Comments

Got something to say?





  • Archives

  • Recent Posts

  • Meta