Apac
  • Home
  • CXO Insights
  • CIO Views
  • News
  • Conferences
  • Newsletter
  • Whitepapers
  • About us
Apac
  • Admired Tech

    Agile

    AI Healthcare

    Artificial Intelligence

    Augmented Reality

    Aviation

    Big Data

    Blockchain

    Cloud

    Cryptocurrency

    Cyber Security

    DevOps

    Digital Transformation

    Drone

    HPC

    Infrared

    Internet of Things

    IT Services

    Marine Tech

    Networking

    PropTech

    Remote Work

    Robotics

    Scheduling Software

    Sensor Tech

    Simulation

    Smart City

    Software Testing

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Capital Market

    Construction

    E-Commerce

    Education

    FinTech

    Food and Beverages

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • CISCO

    Google

    IBM

    Microsoft

    Oracle

    Salesforce

    SAP

    ServiceNow

  • Business Intelligence

    CEM

    Cloud-based Planning

    Cognitive

    Collaboration

    Compliance

    Contact Center

    Contact Tracing

    Contactless Payments

    Corporate Finance

    CRM

    Custom Software Development

    Data Center

    Digital Signage

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Communications

    Enterprise Contract Management

    Enterprise Performance Management

    ERP

    Facility Management

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Infrastructure

    IT Service Management

    Managed Services

    PLM

    Procurement

    Product Management

    Project Management

    RegTech

    Revenue Management

    Sales Tech

Menu
    • ERP
    • CISCO
    • Collaboration
    • Compliance
    • Contact Center
    • Healthcare
    • IT Service Management
    • Microsoft
    • Retail
    • MORE
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • ERP
    Editor's Pick (1 - 4 of 8)
    left
    ERP in Healthcare - Impact of Cloud & IoT?

    Niranjan K Ramakrishnan, CIO, Sir Ganga Ram Hospital

    The Keys to Executing a Business Transformation

    Scott Spradley, CIO, Hewlett Packard Enterprise

    SYSPRO: Simplifying Success through ERP

    Regional CEO - Asia Pacific

    NetSuite: Elevating Business Performances

    President & CEO

    Hilsoft: Automating Businesses with ERP World Class

    CEO

    Strategic Competitive Advantage with ICT and ERP

    Simon Hartfiel, CIO, Carinity

    Step Away from the Spreadsheet The argument for IT planning solutions that bring you out of the grid

    Paul Bryan, VP - Products, Apptio

    The Silicon Valley Mindset - Enterprises Secret Sauce in Changing their Game

    Lionel Lim, VP & MD, Asia Pacific and Japan at Pivotal Software, Inc.

    right

    "CIOs & Cyber - What The Boards Needs To Know"

    By Julie Cullivan, and CIO, Fire Eye and CIO, Fire Eye

    Tweet
    content-image

    Julie Cullivan, and CIO, Fire Eye

    'Are we vulnerable to a cyber attack?'

    This question may be top of mind for today's Board member, but it's the wrong one to ask. The conversation really needs to begin with two questions - 'How can we decrease our risk of attack?' and 'What should we have in place to manage an attack if it occurs?'

    This approach better suits the cyber security environment today, because as we see time & again, breaches will happen despite the best cyber security tools. Boards need to understand that it is simply a matter of time before an attacker gets into their network. With that, they must also recognize cyber security is now an enterprise security issue, and the CIO is often the person who needs to convince them. A breach can do serious damage to an enterprise's reputation, brand, and bottom line - the sooner everyone realizes the entire organization is at risk, the better.

    Board members don't need to understand all of the technology behind the defenses; it's not about training them to become engineers. But CIOs and executive staff together need to help Boards understand that there are significant issues from a cyber perspective and that today's sophisticated attackers require enterprises to be proactive rather than reactive.

    CIOs and Boards - The Conversation

    The idea is to determine where your enterprise is, where you want it to be, and how long it will take for you to get it there. This requires agreement on what the priorities are.

    When a CIO is addressing this with the Board, there are three considerations to get the conversation underway:

    1. How secure do we need to be? Is it good enough just to meet the requirements that mean we're compliant, or do we need to ensure we've done all we can to keep cyber criminals from getting in and stealing PII? The answer will determine a great deal about the strategies that need to put in place. It also begs the question: without being 100% secure (which is impossible), what tradeoffs are we willing to make?

    2. How can we truly measure and make decisions about risk? The CIO needs to help the Board truly understand the risk implications of a breach. Preparing for an attack is absolutely crucial, and it requires thinking through everything from remediation to loss mitigation. These aren't things to consider after you discover someone's been inside your network; they are strategic considerations that need to be dealt with beforehand.

    3. What plans do we have in place? It's a matter of time before your enterprise is targeted if it hasn't already been breached - 97% of organizations have already been attacked. With that in mind, a CIO needs to have a plan ready to share with the Board.

    Things to consider: Who gets called immediately (consider the security experts, the executive staff, the legal team, and the communications people); how to isolate the infected devices; what your disclosure and liability exposure is; and how to release the information to your stakeholders. Of course there are plenty of other considerations - these are just a few of them. The main thing is to think about them now, before a breach, and have a written playbook in place to make it easier after an attack.

    With those questions answered, it's up to the CIO to implement a risk strategy. They certainly need to make sure that their security program aligns with what the executive team & the Board decides is appropriate for the enterprise.

    That requires making sure the budget is adequate to cover the desired risk profile, which can be a huge disconnect. All too often, a CIO is expected to deliver a robust security program with a budget that can't support it. It's up to the CIO to educate the executives and the Board about the liabilities, how to measure and rate risk, and what it will take to protect the enterprise. That education needs to include a cold, hard look at the costs associated with cyber security - a difficult, but necessary, conversation to have with the organization's leadership.

    As more executives begin to understand that accounting for cyber risk can't rest solely with IT and it is an enterprise-wide issue, they are better prepared to help the company prevent, detect, analyze and respond to a cyber incident. From having a communications strategy in place to an incident response plan, today's cyber landscape poses an enterprise risk that goes far beyond IT. The sooner an organization recognizes that, the better prepared it can be for the inevitable.

    tag

    cyber criminals

    cyber attack

    Weekly Brief

    loading
    Top 10 ERP Solution Companies - 2018
    Top 10 ERP Consulting/Services Companies - 2018

    Featured Vendors

    SYSPRO

    Shaun Butler , Regional CEO - Asia Pacific

    Nityo Progression Consultancy

    Ker Mui Chong, Founder & MD

    ON THE DECK

    Content Management System 2020

    Top Vendors

    Contactless Payments 2020

    Top Vendors

    Admired Tech 2020

    Top Vendors

    Previous Next

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Accelerating Petcare Innovation through CRM and Digital Vision

    Accelerating Petcare Innovation through CRM and Digital Vision

    Miao Song, Chief Information Officer, Mars Petcare
    How Cloud Systems are Impacting Business Environments

    How Cloud Systems are Impacting Business Environments

    Martin Stegner, CIO, NOVUM Hospitality
    Digital Tack

    Digital Tack

    Claus Nehmzow, Chief Innovation Officer, Eastern Pacific Shipping Pte
    Brokering the Cloud Services

    Brokering the Cloud Services

    Eric Boyette, Secretary & State CIO, Information Technology
    Defining a Cloud Strategy: A Higher Education Paradigm

    Defining a Cloud Strategy: A Higher Education Paradigm

    Russell M. Kaurloto, VP and CIO, Clemson University
    The 4Ps of Digital Transformation in Pharmaceutical Industry

    The 4Ps of Digital Transformation in Pharmaceutical Industry

    Debraj Dasgupta, Operating Officer, Head of Strategy and Go-To-Market Planning Division, Nippon Boehringer Ingelheim
    Technology’s Role in The Care and Quality of Life for The Aged

    Technology’s Role in The Care and Quality of Life for The Aged

    Jose A Perez, Chief Information Officer, Hammondcare
    How ECM is Revolutionizing Organizations

    How ECM is Revolutionizing Organizations

    Thomas Phelps IV, VP of Corporate Strategy & CIO, Laserfiche
    Loading...

    Copyright © 2021 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap |  Subscribe

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://erp.apacciooutlook.com/ciospeaks/-cios-cyber-what-the-boards-needs-to-know--nwid-621.html?utm_source=google&utm_campaign=apacciooutlook_topslider