Security is no longer just a hot topic among security professionals. It’s crossed the boundaries into mainstream media and political debates. You can’t watch the news or read a newspaper or magazine without hearing about cyber threats, personal information breaches or risk management. But that doesn’t mean that company executives have opened their wallets to each and every security project their security staff submits – if only it were that easy.
However, fortunately those of us in the security profession no longer need to build our case from the ground up by providing a definition of cyber, breach or risk. I don’t mean to be facetious, because that is where we were some five to 10 years ago. Today we work in an environment where security risks are real and are already being discussed and debated at the board level. CEOs are asking the questions, “Is our company properly protected against an attack?” and “Is our customer data secure?” Our job as security experts is to ensure we can answer those questions in the affirmative, either now or in the very near future. But that means getting the funding and resources needed to implement new projects and programs that address these threats – and the only way to successfully secure budget and resources in most companies is via the Chief Financial Officer (CFO).