Cybersecurity Hits the Boardroom

State CIOs and CISOs rank their top priorities.

by / October 10, 2014

When we asked state IT professionals to rank their priorities for the next two years, one issue stood far above the rest: cybersecurity.

Given the seemingly endless parade of high-profile attacks, their concerns are understandable. This year began, of course, with Target reeling from the news that attackers had stolen credit card information for some 40 million of the retailer’s customers. As this issue of Government Technology went to press, Home Depot was investigating what could be an even bigger theft of its customers’ credit and debit card data, and Apple was struggling to explain the unauthorized release of celebrity photos from its iCloud service.

Events like these can cost CIOs and CISOs their jobs, so it’s little wonder they’re paying attention. Sixty-five percent of respondents in our 2014 Digital States Survey put cybersecurity among their top three priorities. Cloud computing was a distant runner-up at 28 percent.

But while technology officials have worried about security breaches for years — cybersecurity was a top concern in our 2012 Digital States Survey, too — the issue hasn’t been on the radar of top management. Instead, cybersecurity was viewed as a problem for the technology guys to fix, not a risk for leadership to address.

That’s changing now as more and more of us become victims of data theft. A recent report from CNNMoney estimates that nearly half of all adults in the U.S. have had personal information stolen by hackers in the last 12 months, and it’s reasonable to think that many of them are asking why top execs aren’t taking better care of their data.

The Target breach didn’t just cost CIO Beth Jacob her job. Company CEO Gregg Steinhafel resigned in May as the retailer struggled to regain the trust of shoppers. The event sounded a warning that repercussions from identity theft can ripple all the way up to the boardroom. Cybersecurity is getting more attention from state and local political leaders too. Late last year, the National Governors Association released a call to action urging governors to take steps to prevent cyberattacks.

Elevating the stature of cybersecurity is good news for CIOs and CISOs, who are now getting more resources and better executive backing for data protection initiatives. It also puts pressure on technology and security professionals to develop better and more sophisticated responses to cyberchallenges — and that’s good news for all of us.

 

Steve Towns

Steve Towns is the former editor of Government Technology, and former executive editor for e.Republic Inc., publisher of GOVERNING, Government TechnologyPublic CIO and Emergency Management magazines. He has more than 20 years of writing and editing experience at newspapers and magazines, including more than 15 years of covering technology in the state and local government market. Steve now serves as the Deputy Chief Content Officer for e.Republic.