Who Should be Responsible for Protecting Data?

The business disruption caused by COVID-19 has created several new cyber risks for companies to manage. Cybersecurity is not merely protecting the assets and updating the software, but it is also about understanding who is responsible for predictions, preparation, process, and rectification when things go wrong. In this article at Information Age, Charlotte Walker-Osborn explains what organizations must do to protect their users and businesses, and who should be legally responsible for cybersecurity.

Legal Liability in Information Security

Globally, the IT industry has witnessed massive cyber attacks in the recent past. Cybercrime affects organizations through production loss, destruction and theft of personal and financial data, monetary loss, and reputational damage. So, who is legally responsible for cybersecurity? “Frequently, the actual security issue comes down to a human error in usage; for example, the user or employee not closing the conference call once the meeting is finished; weak passwords; or utilizing non-essential functionality, which is less protected,” says Charlotte.

Besides the end-users, management must also own cyber risk management. Many CEOs only want to invest in cybersecurity when they foresee that something will happen or can happen. This is especially true in small companies with a limited budget where there is no CIO,  CISO, or IT director in place, and the CEO has limited knowledge of cyberattacks.

What Should Management Do?

True cybersecurity goes beyond just securing data and the business systems. Leadership success lies in ensuring that the issue of cybersecurity has the right profile within the organization. If almost all links are secure, but one link is not, then all players in the chain are at risk from breaches. Business leaders must be more proactive than just being aware of cyber threats. Their focus must be on making sure that people, technology, and processes work harmoniously to mitigate risks posed by cybercriminals. Management must embed these principles in every activity of the business. To read the full article, click on

Nivedita Gopalakrishna

Nivedita Gopalakrishna is currently working as a Content Specialist with CAI. She has more than eight years of experience in blogging, copywriting, and ghost-writing. Nivedita started her career as a reporter/sub-editor in one of the reputed newspaper organizations in India. She went on to pursue her career as a content analyst in an Indian-based company, Brickwork India Pvt Ltd. Nivedita has assisted several overseas clients with SEO-friendly content for B2C copies, blogs, product descriptions, newsletters, sales letters, e-books, and research papers. When she is not at her computer, you can find her either reading vintage novels or singing Indian classical music.

Related Articles

Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.