When it comes to cybersecurity, today's CIOs and CEOs rarely share the same outlook. According to the KPMG U.S. CEO Outlook 2018, 77 percent of CEOs think they are ready to tackle cybersecurity issues. However, the Harvey Nash/KPMG CIO Survey 2018 reveals that only 22 percent of CIOs are confident about their organizational readiness. The difference between the percentages reveals the communication gap between CIOs and their CEOs. In this article at CIO, Tony Buffomante shares how the two powerhouses can find common cybersecurity ground.
Cybersecurity is the talk of the town, with newspapers reporting security breaches every day. Cyberattacks strip a company of its intellectual assets and money, its investors, workforce, and people, as well as its reputation. CEOs often promise stakeholders unrealistic project outcomes and neglect to set up proper cybersecurity protocols. They often do not understand the importance of ramping up the security structure regularly. CIOs, for their part, fail to simplify technical jargon for non-IT executives, which creates a communication gap. CIOs can do the following to find common cybersecurity ground with their CEOs:
- Regular Executive Meetups: CIOs must communicate about cyber issues with the CEOs and stay updated about the new company policies and problems. Though most CIOs are an integral part of the executive board, the percentage has gone down to 9 percent.
- Appropriate Story-Telling: CIOs should replace technical terms with simpler language. However, they must point out the impact of cybersecurity on organizational performance. Also, competitive benchmarking against market leaders will help CEOs understand better.
- Centering Around Business: CIOs must talk about cyberattacks from the business perspective. They should also encourage the CEOs to explain corporate objectives and risk tolerances in IT terms. This way, CIOs can understand, analyze, and shortlist cyber risks. They can present the costs incurred in terms of finance, compliance, brand reputation, and the workforce. This will help them explain to the board why investment in cybersecurity is necessary.
- Choosing Vendors: CEOs may fail to see through false promises made by vendors because their focus is directed more toward advanced features. CIOs should take a more decisive role in selecting third-party vendors for the company. They would know the right questions to ask and the appropriate tools for the company.
To view the original article, visit the following link: https://www.cio.com/article/3299028/leadership-management/ceo-and-cio-cyber-disconnect-fixing-the-communications-breakdown.html