As the threat of cyber attacks and cyber risk continues to increase, the C-Suite of most major businesses, particularly the CFOs and COOs across the world will have to learn, adapt and build competency to successfully address this critical challenge. There are many creative approaches that CFOs and COOs have employed so far to develop their competency in cyber security, but the most effective by far is when they view cybersecurity through the lens of Enterprise Risk Management [ERM].
Cyber security is typically in the top five risks that a corporation deals with, and a key aspect of a CFO’s and COO’s role is to help manage that risk. Viewing cyber risk through the lens of ERM enables the CFO and COO to use a framework, process, and strategy to help position the company to manage the plan for cybersecurity successfully. This approach provides a familiar environment for the C-Suite to get educated and bring pragmatism and a business context to the dialogue on cyber security.
“CFOs and COOs must focus on understanding the overall security posture of the company and invest in the three areas critical to and business success: people, process, and technology,” said Raj Goel, CTO and founder of Brainlink and 25-year veteran of the IT industry. “Companies (and proactive C-Level executives) should be thinking about integrating security, IT, corporate communications and business continuity as part of their breach response planning.”
Similarly, Stefan Tomlinson, CFO of Palo Alto Networks told Forbes.com, “CFOs don’t have to be technical experts in security protocols, encryption, data storage, etc. but they do need to have a working knowledge of cyber and data security.”
In many cases CFOs and COOs manage IT, so by definition, they help shape the technology footprint, business process optimization, and automation efforts. These are just two examples, of many, which capture the increasing role that members of the C-Suite play in helping run the business.
Ultimately, the expanded role of the CFO and COO is a benefit to the business because they become better trading partners. This positive dynamic shines through in the financial planning and operating portions of the business. Financial, operational and strategic planning are all intertwined, and these executive members of the company play a central role in each of these aspects.
Raj’s law: GOOD people + GOOD Process + OK technology = SUCCESS.
Investment Formula for success: 50% People + 30% Process + 20% Technology = SUCCESS.
Are YOU investing in EFFECTIVE staff TRAINING, SOP development, and APPROPRIATE technology? Is your IT and security vendor following the same formula? Or are they wasting dollars on overpriced technology while ignoring your people & using immature processes?
If you don’t like your answers to these questions, reach out to Raj Goel and Brainlink right away at (347) 460-2238 or email@example.com.