Type your search and hit enter
Why corporates should recruit a CISO to the board

Why corporates should recruit a CISO to the board

Accenture report calls on CEOs and C-suite leaders to step up efforts to secure the digital economy

Credit: Dreamstime

The CISO’s area of responsibility has become too important to be confined to a single department or buried deep in the CIO organisation

Companies across the globe could incur US$5.2 trillion, or NZ$8 trillion, in additional costs and lost revenue over the next five years due to cyberattacks, according to a new report from Accenture.

The heightened risk comes as dependency of firms on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, the report states. 

Based on a survey of more than 1700 CEOs and other C-suite executives around the globe, the report —Securing the Digital Economy: Reinventing the Internet for Trust  - notes that cybercrime from a wide range of malicious activities poses significant challenges that can threaten business operations, innovation and growth, and the expansion into new products and services, ultimately costing companies trillions of dollars. 

The rapid emergence of new technologies is creating additional challenges, as four in five respondents (79 per cent) admit that their organisation is adopting new and emerging technologies faster than they can address related cybersecurity issues. 

Meanwhile, three-quarters (76 percent) note that cybersecurity issues have escaped their control due to new technologies such as the internet of things (IoT) and the industrial internet of things (IIoT). 

Majority of the respondents (75 per cent) believe addressing cybersecurity challenges will need an organised group effort, as no single organisation can solve the challenge on its own. 

Collective leadership

The report calls on CEOs to collaborate with other top executives and also, where possible, with governments and regulators.

Many companies are discovering first-hand that they can’t address internet security alone, it says.

Executives can also commit to sharing information around cyber attacks, thus helping reduce the stigma around these.

“When a company is willing to acknowledge an attack, it paves the way for more transparent work with other organisations and experts, improving their ability to resist new attacks and boosting data reliability,” reports Accenture.

Another recommendation is for corporates to bring the expertise of CISOs (chief information security officers) to the board. This will help ensure security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy. 

This happened to the CIO role some two decades ago when the IT function left the back office to become the nervous system of the business. “Chief information security officers today can follow a similar evolutionary path,” the report states.

“Recruiting a CISO or former CISO to the board provides the opportunity to educate fellow board members, helping them become more cyber savvy and better risk managers. The CISO would gain a deeper perspective on the organisation.

“As a result, the CISO could increasingly articulate how cyber risks are linked with other risks, and inform the business leaders’ strategic decisions.

“Their area of responsibility has become too important to be confined to a single department or buried deep in the CIO organisation,” the report stresses.

Accenture says a US bank has already brought a retired CISO to the board, forging a path for others to follow.

“Managing cybersecurity doesn’t mean simply avoiding software problems. It means ensuring the resilience of the entire business.”

Justin Gray, country managing director, Accenture New Zealand, sums up the report’s implications for Kiwi businesses.

“With the threat of cybercrime rising and types of attacks maturing, businesses across all industries in New Zealand must take heed of this research,” says Gray. 

“We require cross-industry collaboration and leadership to tackle these cyber security concerns, to ultimately unlock the opportunities technology offers New Zealand as part of the global economy.”

Justin Gray
Justin Gray

Get the latest on digital transformation: Sign up for  CIO newsletters for regular updates on CIO news, career tips, views and events. Follow CIO New Zealand on Twitter:@cio_nz

Send news tips and comments to divina_paredes@idg.co.nz @divinap

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags CISOprivacyinternet securityinternetaccentureAIdigital economyceo and cioCIO and the boardJustin Graydata breach

More about Twitter

Show Comments