This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • Home
  • News
    • Security Newswire
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • Columns
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
    • The Risk Matrix
  • Management
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • Physical
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • Cyber
  • Sectors
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • Exclusives
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • Events
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
    • Security 500 West
  • Resources
    • The Magazine
      • This Month's Issue
      • Digital Edition
      • Archives
      • Professional Security Canada
    • Videos
      • ISC West 2019
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
    • Continuing Education
  • InfoCenters
    • Break-in Prevention
    • Building AppSec in Enterprises
    • Video Management Systems
  • Contact
    • Editorial Guidelines
  • Advertise
Home » Blogs » Security Blog » Under Pressure

Kevin Coleman is a dynamic speaker, author, advisor, and visionary that provides riveting insight on strategy, innovation, and the high velocity technology. He was Chief Strategist at Internet icon Netscape and at another startup that grew to be BusinessWeek’s 44th fastest growing company. He has spoken at some of the world’s most prestigious organizations, including the United Nations, the U.S. Congress, at U.S. Strategic Command, and before multiple Fortune 500 organizations and briefed executives in 42 countries around the world.

Under Pressure

Security blog default
January 7, 2017
Kevin Coleman
KEYWORDS Chief Security Officer (CSO) / CISO / cyber security
Reprints

Under pressure!  No, not the 1982 hit song by Queen that was used in the 1997 American comedy crime film Grosse Pointe Blank. I am describing the likely 2017 work environment for CSOs and CISO. If CSOs and CISOs thought they were under pressure in 2016, it is about to increase and go beyond the usual. Traditional increases in pressure were due to the growing rate of data breaches and the number, complexity and success rates of cyberattacks. All of those pressures will increase from 2016 to 2017, but wait there’s more!  There will be multiple new reasons for the increase and the impact they will have will be different. The pressure will come from as high as you can go within your organizations as well as being driven by business management. Here are just a few drivers of the increased pressure.

  1. According to a recent survey, nearly 24 percent identified that cybersecurity (attacks and breaches) will be at the highest propriety for board in 2017. Its priority is very close to what is placed on strategy and general risk oversight. Another interesting aspect of board level pressure came from another study that found in the past year less than 50 percent of new board members possessed a technical background, knowledge, capability and/or experience. 
     
  2. The massive breach that struck Yahoo will shake things up as well. Previous publications state that Verizon planned to bid more than $4.8 billion for the Yahoo's Web Assets. That has changed, and now according to TheStreet.com, Verizon has reduced its bid for Yahoo by $1 billion. That would equate to about a 1/5 loss in Yahoo’s value. 
     
  3. Another interesting factor uses a recent metric from the 2016 Ponemon Cost of Data Breach Study, which found the average loss per record stolen increased and is now $158! If that figure holds true, the calculated cost of the Yahoo breach would be $158,000,000,000.  $158 billion -- an economic impact to be sure. These are clearly an indicator of the economic damage of a successful cyberattack!

It is important to note even small and mid-size company executives are now paying attention. I am sure they will uncover the recent metrics that indicate that many small and medium size organizations go out-of-business within a year to 18 months following a breach.

CSOs and CISOs will experience a lot of pressure from above. Executives and board members have clearly become sensitive to all the media attention given to numerous high-profile data breaches and the cost of litigation that follow these successful cyberattacks. Executive management and the board want these business assets protected period. They also want to avoid the high and getting higher costs of successful cyberattacks and data breaches, including the costs associated with litigation that essentially follows. Today and moving forward, executives and board members recognize that they must meet their responsibilities with regard to managing cybersecurity risks within their organizations. I had a conversation with Simon Johnson, a senior level management consulting focusing on cybersecurity at the executive and board level, and he clearly indicated there would be implications from the Yahoo breach. He said, “The value at risk is substantial and every executive and board member should understand the value at risk associated with various risk scenarios. This clarity creates the clear call to action and value proposition – defined by the value at risk – that a board and its’ executive could not ignore – or brush aside.” Given that insight, you can easily see why CSOs and CISOs will be under increased pressure from the very top of their organizations!

The cyber threat environment continues growth that is virtually unchecked. With that the patience and understanding of executives and board members shrinking and rapidly becoming non-existent, the time for action is now. Given all the highly publicized breaches like Yahoo, the hacker community will be encouraged. Here is some advice: be ready! No more tech talk and jargon. No more "planning to do that" – you had better just get it done and done right. The level of risks now being associated with cyberattacks and data breaches demand these risks be managed and managed to the executive team’s and board member’s expectations. If you fail to meet their expectations, my advice is to update your resume!

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Kevin Coleman is a dynamic speaker, author, advisor, and visionary that provides riveting insight on strategy, innovation, and the high velocity technology. He was Chief Strategist at Internet icon Netscape and at another startup that grew to be BusinessWeek’s 44th fastest growing company. He has spoken at some of the world’s most prestigious organizations, including the United Nations, the U.S. Congress, at U.S. Strategic Command, and before multiple Fortune 500 organizations and briefed executives in 42 countries around the world.

Subscribe For Free!
  • Print & Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

cybersecurity breach

The Top 12 Data Breaches of 2019

ransomware-enews

British American Tobacco Suffers Data Breach and Ransomware Attack

Dispelling the Dangerous Myth of Data Breach Fatigue; cyber security news

Major Retailer Macy's Is Hacked

server room, cybersecurity, penetration testing,

Explained: Firewalls, Vulnerability Scans and Penetration Tests

cyber network

How to Achieve Cybersecurity with Patience, Love and Bribery

SEC2019_Everbridge_1119_360x184customcontent

Events

December 17, 2019

Conducting a Workplace Violence Threat Analysis and Developing a Response Plan

There are few situations a security professional will face that is more serious than a potential workplace violence threat. Every security professional knows and understands that all employers have a legal, ethical and moral duty to take reasonable steps to prevent and respond to threats of violence in their workplace.
January 23, 2020

The Value of a Unified Approach to Critical Event Management

From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe.
View All Submit An Event

Poll

Emergency Communications

What does your enterprise use to communicate emergencies to company employees?
View Results Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 6th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
SEC500_250x180 clear

Security Magazine

SEC-December-2019-Cover_144px

2019 December

This month, Security magazine brings you the 2019 Guarding Report, featuring David Komendat, Boeing CSO, and many other public safety leaders to discuss threats and solutions for 2020 and security officer training. Also, we highlight Hector Rodriguez, Director of Public Safety and Security at Marymount California University, CCPA regulations, NIST standards, VMS and much more.

View More Create Account
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners

Copyright ©2019. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing