BreachExchange mailing list archives

Report: IT managers not best leaders in breach crisis


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 21 Apr 2015 19:10:25 -0600

http://www.csoonline.com/article/2912434/data-breach/report-it-managers-not-best-leaders-in-breach-crisis.html

Technology managers are typically expected to take the point when a company
is hit by a major cyber security crisis, but a more business-oriented
leader might be more effective, says a new report from Booz Allen Hamilton.

It's the business leaders who typically make all the big decisions
affecting the whole company, said Bill Stewart, executive vice president at
Booz Allen Hamilton.

"In a crisis, it doesn't work that way," he said. "The roles get flipped."

But a technology manager is going to focus on the technology -- on fixing
the things that are broken and getting the adversary out of the systems.

But crisis management also involves legal issues, crisis communications,
and other strategic decisions that an IT manager might be unprepared for,
or not have time to deal with.

In addition, technological solutions may sometimes be in conflict with
what's best for a company as a whole.

"They may have to shut the systems down, reconfigure things, and do other
things that will affect the business," Stewart said. "And they might not be
in a situation where they understand the broader business objectives.
Having someone who understands the broader business helps them make better
decisions."

However, it may not make good financial sense for a company to have a full
specialized crisis management team standing by at all times, ready to jump
into action.

"There's a whole suite of things that you may need, depending on the type
of crisis and the scenario that you're dealing with," he said.

It makes more sense for a company to outsource a lot of this work, but
Stewart urged companies to set up the plan, and find the right partners,
well ahead of time.

"If you wait until you're in a crisis it's too late," he said. "You have to
do a lot of research, and you lose a lot of time there, then you have to
get people in, and when you get people in, they have to learn the company
and that wastes a lot of time."

The looming Internet of Things

Another major change Booz Allen focused on in the report is the coming
Internet of Things.

The combination of an increasing IP address space and falling technology
prices means that networked devices will soon be showing up everywhere.

The number of cyber breaches occurring now will seem small in comparison.

"The Internet of Things is going to change the scale of things
drastically," Stewart said. "The exposure is going to be much greater."

The problem is that the ordinary way of doing things puts security last, he
said.

"Our tendency in developing IT infrastructure has been to build it so that
it works as efficiently and as cheaply as possible," he said. "And the
result is that it doesn't include security. Security has an operational
cost."

But with the rising scale and price tag of breaches, companies are starting
to recognize the importance of security, and the value of building it in
right from the start, he said.

"If you do embedded security, you can actually get to a better, more secure
solution more cheaply than if you have to add it on at the end," he said.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss