Stories
Slash Boxes
Comments

SoylentNews is people

Boards Ready to Fire Over Bad Security Reporting

posted by n1 on Wednesday June 15 2016, @04:20PM   Printer-friendly
from the job-security dept.

Arthur T Knackerbracket has found the following story:

If CISOs don't do a good job of communicating, 59 percent of board members said that the security executives stand to lose their jobs, according to a new survey released today.

"If they're not up to par in the minds of the board, there will be action taken," said Ryan Stolte, co-founder and CTO at Bay Dynamics.

It marks an inflection point in how the boards look at cybersecurity, he said.

Previously, boards looked at breaches as an act of God or natural disaster, he said, or just fired the CISO even if the breach was not something they could have prevented.

"Now they're treating it as a risk management concern," he said. "It's a mind change."

[...] According to the survey, which was conducted by Osterman Research, cyber risk is now a top priority for board members, right up there with financial risk, regulatory risk, competitive risk, and legal risk.

[...] 54 percent of board members said that the data they were getting was too technical, and 85 percent said that IT and security executives need to improve the way they report to the board.

If the reports aren't useful and actionable, 93 percent said that there would be consequences. These included termination, said 59 percent, or warnings, said 34 percent.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Boards Ready to Fire Over Bad Security Reporting | Log In/Create an Account | Top | 21 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by archfeld on Wednesday June 15 2016, @08:57PM

    by archfeld (4650) <treboreel@live.com> on Wednesday June 15 2016, @08:57PM (#360739) Journal

    I wonder is part of this has to do with the new EMV liability shifts. Businesses that have customer facing technology are now going to held to a much higher level of liability relating to payment systems and a security hole in that could result in millions of dollars of loss that used to be covered by a combination of Visa/MasterCard etc. and insurance. That old bird won't fly anymore and companies are going to be hit in the only place that seems to matter to them, the deep pocketbook. I've never yet been to a big box merchant that even began to follow through with the proper security checks to accept my CC, e.g. verify a signature, or check other ID, or generally even ask questions, or look you in the eye.

    --
    For the NSA : Explosives, guns, assassination, conspiracy, primers, detonators, initiators, main charge, nuclear charge
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2