With the 1 year anniversary of the Target data breach approaching much has changed in the privacy and information security landscape since the mega breach. No position has felt the ripple more than the Chief Information Security Officer. The risks have not subsided, or the challenges reduced, but the level of publicity those two breaches received has forever changed the corporate landscape.
“But now, as a direct result of disasters like the eBay and Target breaches, the stakes of data security are becoming painfully clear to the CEO, board of directors and other senior executives. The CISO is still the CISO, but suddenly, the job offers new opportunities to wield real influence.”
“Cybersecurity breaches have happened for years, but the Target breach was the “tipping point” for corporate board involvement, said Mr. Stewart. Now, the potential breach at Home Depot underscores the point that cybersecurity is a risk that must be managed at the board level, he added.
“After the Target breach happened, one of the first things I was asked by the board was, ‘could it happen to us and if no, why not?” said Rich Mason, chief security officer and vice president at Honeywell International , speaking on another panel at the conference sponsored by Box Inc. “The security questions are coming up faster and more frequently,” he said.”
What is unclear is if the money will follow the risks but at least now the executive boards are listening.