Boards of directors and CEOs get the message that a data breach poses huge financial and reputational risks, says Dakin, co-founder and CEO of Coalfire. But now, instead of waiting for security leaders to come to them, these executives are going directly to their CISOs and asking three key questions related to breach readiness and response:
- Am I hacked already and don't know it?
- If we are under attack, how much confidence do I have in my IT group informing me to make decisions at an executive level?
- How good is good enough when it comes to the security fix?
That last question is particularly important, Dakin says, because it's the one that customers care about the most. Business leaders want to know: "How can I look my customers in the eye ... and say 'we're good to go right now?'"
Rather than wait for these questions to come, Dakin urges security leaders to initiate these discussions with CEOs and boards.
"For so long, those of us in the IT security business have felt almost an evangelical challenge to educate the C suite, but they're much more prepared to deal with risk equations than we give them credit for," Dakin says. "This is just a natural progression for them. 'We're going to make decisions that make economic and strategic sense for our business - just give us the data point.'"
In an interview recorded at the Gartner Security & Risk Management Summit, Dakin discusses:
- The three questions for CISOs;
- How to talk security with the C Suite;
- Why IT risk management is unique.
Dakin provides strategic management IT security program guidance for Coalfire and its clients. He has more than 25 years of experience in senior management with leading IT firms. He combines an in-depth knowledge of IT controls with a comprehensive understanding of organizational needs and the rapidly emerging legislation affecting IT security. After serving in the U.S. Army following graduation from the U.S. Military Academy at West Point, Dakin began his management career at United Technology Corporation. Prior to co-founding Coalfire, he was president of Centera Information Systems, a leading eCommerce and systems integration firm.