Why Good Cybersecurity Implies Good Leadership

In the not-so-distant past, cybersecurity was typically the forgotten stepchild of an organization’s Information Technology (IT) department. After a spate of high-profile cyberattacks and data breaches that have foisted millions of dollars in costs and damages on the targeted companies, the responsibility for cybersecurity has moved straight up to the executive suite. A Board of Directors that is paying attention to the likely threats and risks faced by the companies that they manage will look directly to the company’s CEO to set a company-wide example of good cybersecurity practices and good leadership.

At least five reasons explain cybersecurity’s rapid rise to prominence.

1 – Effective leadership is required to transform existing businesses into entities that are able to compete across a global electronic platform.
In the modern economy, every company must be able to conduct business on the internet. Cybersecurity will be an essential component of any strategy that transitions a company onto that platform. Enterprise-wide decisions on how to embed cybersecurity solutions into an organization’s networks and architecture and to unify applications across the organization will need to come from the top.

2 – Good cybersecurity practices will distinguish good corporate management from bad.
Beyond merely defending an organization’s computer networks from data breaches, good cybersecurity practices will enable a company to attract new customers, develop customer trust and loyalty, and enhance the company’s reputation across its industry. Companies can use their cybersecurity practices as competitive differentiators to give their customers added assurances that customer data will be protected from unauthorized use by third parties.

3 – Employees follow the example set by company management.
A company’s employees are typically its weakest link in the fight against data breaches and other cybersecurity threats. Employees who perceive that their CEO is adhering to strong cybersecurity practices are more likely to do the same. The CEO’s example can also impress upon employees that their jobs may well be at risk if a data breach leads to a significant loss that the company cannot absorb.

4 – Management takes a big picture view of the entire organization.
Relegating cybersecurity to an Information Technology department is likely to create a very narrow-focused cyber defense response. IT employees will erect firewalls and defenses that protect aspects of a network and a company’s infrastructure that they perceive to be important. A CEO or other member of a company’s executive management will have a broader overview and will be able to make critical inquiries, including whether the company has given sufficient weight to cybersecurity issues in enterprise management; and how effective the company’s response plan (if any) might be in the event of a serious data breach.

5 – Cybersecurity has a direct impact on a company’s bottom line.
The ultimate role of a CEO and an executive management team is to increase the value of the company. A substantial portion of the value that a CEO creates can be wiped out as a result of a single data breach event. For example, the extra-marital dating site, Ashley Madison, cancelled its initial public offering following a high-profile data breach that exposed the personal information of thousands of the company’s customers. The company had anticipated raising up to $200 million in the public offering. That value was destroyed and will likely never be recaptured.

Unfortunately, at the end of the day, no amount of good leadership can prevent every instance of a data breach. CEO’s and executives who realize this will add data breach coverage as part of their defense plan. A cybersecurity insurance policy will make a pool of resources available to reimburse a company for its losses and third-party liabilities that arise from a data breach. The strongest leaders will insist that their companies are adequately protected against those liabilities and losses with a robust cybersecurity insurance policy.

1 thought on “Why Good Cybersecurity Implies Good Leadership”

  1. Cybersecurity is equally important to the patients as it should be for the healthcare sector. Hospitals and other health departments must protect the data of their patients from getting leaked.


Leave a Comment

%d bloggers like this: