It looks like you're located in United States, would you like to visit the United States website?     Yes   |   No

Data Breach Preparedness: Why the C-Suite Must Call the Shots

Posted May 31, 2016 by Lynn Brown

data breach preparedness

Despite high profile breaches making the news so frequently these days, PwC’s State of Security 2016 survey found that only 45% of boards participate in overall security strategy.

A data breach or other security incident can have a devastating impact on a company of any size – and an informed and involved C-suite should be an integral part of data breach preparedness and other security solutions.

Key areas where the C-suite makes a difference in information security:

Leadership: “Companies rely on senior executives to guide and protect the company, securing its future against a variety of business risks,” posted Michael  Bruemmer of international services provider Experian in a recent blog.  Senior executives and board member roles should be involved in receiving and reacting to regular updates on data breach preparedness and cyber security, he said.

Culture of Security: According to the Securing the C-Suite survey by IBM, the most secure organizations have created a culture of security that is embedded in the workplace from the top down. Top-down prioritization of technologies, policies, and employee education throughout the organization is critical.

Decision-making: A 2015 survey by Websense showed that 70% of security professionals believe the CEO should hold the ultimate responsibility in the case of a data breach. But according to 21% of respondents in earlier research by Ponemon, the primary responsibility for data breach preparedness is either with the CISO – or no one.

Data breach response plan: The board of directors, CEO and chairman should be instrumental in helping a company prepare for a response to a data breach. In Ponemon research, only 29% of the C-suite was informed and involved in plans to deal with a possible data breach.

Budget Approvals: The 5th annual Shred-it Security Tracker information security survey showed that C-suite executives have started to invest more in security policies and procedures. For example, over 60% of C-suite executives had a protocol for storing and securely disposing of confidential data. (Small businesses were less likely to have a protocol.) Up-to-date IT tools, document management policies and procedures, and employee work habits and behavior are all aspects of a data security budget and a protected workplace.

Cost Savings: Board involvement reduces the per-record cost of a data breach by a significant $5.50 per record. Companies pay an average of $154 per lost or stolen record, according to the Ponemon 2015 Cost of a Data Breach report.

Job Security: Another recent Ponemon survey showed that 17% of senior executives are not aware of whether or not their organizations had suffered a data breach in the last year. But recent mega breaches have shown that C-suite members and other management that are not aware of and involved in data security may lose their jobs following a data breach incident. Experts advise that all senior executives have a good understanding of the data breach response plan, new technologies, and security protocols in the workplace.

All employees, from the C-suite to the mail room, must follow best practices in data security – to protect the organization and everyone who works there.


Let Shred-it help keep your workplace secure.

Stay informed with the latest in information security news and promotions.

×

Request a Quote and Start Protecting Your Business Today!

Fill out the form or call 888.750.6450 to start protecting your business today!

×