The Voice of the CSO Needs to Roar

Joe Schattschneider
10/1/20 11:42 AM

As a Chief Security Officer, you were hired to protect your business. You've spent thousands of hours researching, testing, and developing comprehensive protocols to keep your operation secure. That includes safeguarding critical assets like your client's data.

But the budget you were given is slightly too restrictive. The team you were promised is somewhat too small. And your instinct to prioritize security over all else is brushed aside by a need to report increased profits.

Despite all that, the 30-year old legacy systems you inherited are riddled with who knows how many vulnerabilities, a million applications are moving to the cloud all at the same time, and the business engine is desperate for new opportunities. It only takes one mistake, one vulnerability, to lose your clients' trust and end up on the front page of the Wall Street Journal.

Just ask companies like Equifax, Capital One, and Wawa. Despite their vast resources and talent, they have been subject to massive client data breaches within the last half-decade.

Date Company Event
October 2017 Equifax A malicious actor exploited a publicly-known security vulnerability to access over 150 million customer records. Equifax failed to patch the security vulnerability, allowing uninterrupted access to a critical system for several months.
July 2019 Capital One A misconfigured firewall was breached, exposing over 100 million individuals' personal information.
December 2019 Wawa 30 million credit card numbers were accessed and leaked through its payment card processing system.

And these occurred in what you may call a "normal year." But in 2020, you had to take your already incredibly high-stress job and add in millions of employees working from home. Meanwhile, everything, and I mean EVERYTHING, is moving towards the cloud to take advantage of the incredible cost savings and global accessibility.

Enough is enough.

It's time for companies to listen to their Chief Security Officer. It's not that companies have been completely ignoring the CSO over the past decade, but it's impossible to disregard operational leadership's considerable underappreciation for the CSO and digital security.

In 2021, security must be front-and-center. Digital security is no longer a nice-to-have. It is essential to protecting your clients, your business, and your shareholders.

So what can you do?

You must champion for security. Always.

The "C" in CSO means you have additional responsibility but also a powerful voice. Your client's data and your company's security is your number one priority. A few things you absolutely must do:

  • Push your board for a security investment budget, even if it impacts margins.
  • Implement secure processes, even if your employees complain about additional, "burdensome" authentication steps.
  • Test your systems, integrations, vendors, and employees to detect every single hint of vulnerability. 

And you must do all of these things and more each and every year. Only then can you start to feel confident in your security.

The world's most integral companies need the world's most comprehensive security.

That's why companies like FINRA and DTCC trust the Kingland Data Platform to secure their client data. And it's why we'll be discussing security in our newsletter and on social media throughout the month.

You May Also Like

These Stories on Kingland Culture

No Comments Yet

Let us know what you think