Given the seemingly endless parade of high-profile attacks, their concerns are understandable. This year began, of course, with Target reeling from the news that attackers had stolen credit card information for some 40 million of the retailer’s customers. As this issue of Government Technology went to press, Home Depot was investigating what could be an even bigger theft of its customers’ credit and debit card data, and Apple was struggling to explain the unauthorized release of celebrity photos from its iCloud service.
Events like these can cost CIOs and CISOs their jobs, so it’s little wonder they’re paying attention. Sixty-five percent of respondents in our 2014 Digital States Survey put cybersecurity among their top three priorities. Cloud computing was a distant runner-up at 28 percent.
But while technology officials have worried about security breaches for years — cybersecurity was a top concern in our 2012 Digital States Survey, too — the issue hasn’t been on the radar of top management. Instead, cybersecurity was viewed as a problem for the technology guys to fix, not a risk for leadership to address.
That’s changing now as more and more of us become victims of data theft. A recent report from CNNMoney estimates that nearly half of all adults in the U.S. have had personal information stolen by hackers in the last 12 months, and it’s reasonable to think that many of them are asking why top execs aren’t taking better care of their data.
The Target breach didn’t just cost CIO Beth Jacob her job. Company CEO Gregg Steinhafel resigned in May as the retailer struggled to regain the trust of shoppers. The event sounded a warning that repercussions from identity theft can ripple all the way up to the boardroom. Cybersecurity is getting more attention from state and local political leaders too. Late last year, the National Governors Association released a call to action urging governors to take steps to prevent cyberattacks.
Elevating the stature of cybersecurity is good news for CIOs and CISOs, who are now getting more resources and better executive backing for data protection initiatives. It also puts pressure on technology and security professionals to develop better and more sophisticated responses to cyberchallenges — and that’s good news for all of us.
