The three scariest breach consequences for CIOs

Despite the recent rash of high-profile data breaches, research shows that many CIOs are still moving too slowly in their efforts to improve their organization’s security tools and best practices. A recent study from CompTIA, for example, found that only one-third of American businesses require cyber security training and that in more than half of those companies, the CIO makes decisions about security awareness training.

But those CIOs who adopt an “it won’t happen to me” philosophy may be risking even more than they know. Here are a few of the most severe consequences these executives may face after a breach:

  1. Job loss: It may not be fair, but in many cases a CIO will be held primarily accountable for allowing a hack. This is especially true for public companies in which the executive team must answer to a board of directors. In many cases, when such an organization faces a crisis, the board will demand firings, if only to appease shareholders and keep stock prices from plummeting.
  1. Reputational harm: Even if a CIO isn’t let go after a breach, his or her reputation may well take a serious hit inside the organization. The ego hit that comes with losing status inside a company is bad enough, but it may also impact the CIO’s ability to get crucial budget items approved in the future.
  1. Lawsuits: The Wall Street Journal recently published a piece that suggested CIOs will likely have to defend their security measures in court in the aftermath of future breaches. U.S. Office of Personnel Management (OPM) Donna Seymour is already facing a lawsuit after that agency was hacked and attorneys interviewed for the Wall Street Journal article believe that is the beginning of a trend. The best way CIOs can avoid a lawsuit is to commit to end-user training, document a clear strategy and adopt advanced tools for cyber security case management. Taking these steps will significantly reduce the likelihood of a breach and also demonstrate a good faith effort, thereby limiting liability.

Are you looking for a cyber security case management solution that can help you avoid these consequences? Learn more here.

*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) authored by Cody Cornell. Read the original post at:

Avatar photo

Cody Cornell

Cody is responsible for the strategic direction of Swimlane and the development of our security orchestration, automation, and response (SOAR) platform. At Swimlane we advocate for the open exchange of security information and deep technology integration, that maximizes the value customers receive from their investments in security operations technology and people. Collaborating with industry-leading technology vendors, we work to identify opportunities to streamline and automate security activities saving customer operational costs and reducing risk.

cody-cornell has 132 posts and counting.See all posts by cody-cornell