The unprecedented technological advancement seen over the last two decades has become a double-edged sword. As a result, information security has gone from being a tertiary IT function to a significant operational risk.
In an article on CSO Online, Maria Korolov cites a recent survey of 200 corporate directors and found that 80% of corporate boards have cyber security on the agenda.
It turns out that 66% of survey participants weren't confident in their organizations ability to defend against cyber attacks. Surprisingly, on average cyber security ranked second to last in priority for developing new products and services.
"It's become a really serious issue," said Chris Wysopal, CTO and co-founder at Veracode, a cyber security vendor. "It's not just an IT issue, or a policy issue, or a compliance issue. It's becoming a corporate risk issue."
Of all the consequences related to cyber threats, board members surveyed said that brand damage, data breach costs, and theft of intellectual property were the top cyber security concerns. Finally, most of the respondents considered brand cyber security to be a key measurement of a CEO's effectiveness as a business leader.
If the CEO is being held responsible for brand cyber security, CISO's will be essential to helping them meet those objectives. Its an opportunity for CISOs to take ownership over key operational risks and demonstrate the efficacy of good cyber security practices.
However, CISOs must tread lightly. At the end of the day, businesses exist in order to earn revenue. As much as the business world is becoming captivated with cyber security, ultimately the bottom line will play a key role in determining new cyber security initiatives.
Unfortunately for cyber security practitioners, the very technologies that are driving modern businesses like cloud computing, digital advertising, virtual supply chains, etc., are causing cyber security problems. This is mainly a result of cyber security being concentrated at the perimeter and the industry's heavy reliance on firewalling and endpoint sensors.
The problem with perimeter based cyber security is that modern business technologies transmit/store data and host branded assets (websites, mobile apps, social sites, ads, etc.) outside of the perimeter. Thus a cyber security gap is left in between organizations and their digital touch points.
Brand protection starts with the securing the digital assets that are most vital to the business, particularly those interacting with customers. The key is maintaining an active inventory of all digital assets and continuously monitoring for outward facing cyber threats like defacements or strategic, web-based attacks.
CISOs have the opportunity to make a meaningful impact on brand risk by leveraging a new technology, purpose-built for securing digital assets. RiskIQ develops the tools necessary to keep up with modern technological trends that support the business while simultaneously improving cyber security.
To learn more about the impact of brand insecurity on business and new solutions designed to help protect brands, sign up for our webinar with Forrester Analyst Nick Hayes and RiskIQ VP of Product Strategy Arian Evans: http://trust.www.riskiq.com/brand-security-the-ciso-safeguarding-digital-footprint