All too often in the age of digital communication, corporations are faced with cyber security attacks that lead to data breaches involving loyal customer’s secure financial and identity information. When these cybersecurity attacks become public, the reputation of the corporation can be severely damaged very quickly and the financial and legal impact of such attacks can be devastating. Corporations lose the hard earned trust of the customer they have cultivated and are held liable for significant restitution to their suppliers and to their customers. Corporations will also face the well placed concerns of their investor base.
Yes, corporations are moving quickly to prepare for such attacks but even as corporate leaders develop new state of the art security mechanisms, industrious criminals with advanced cyber skill sets are able to break through firewalls with ease and speed. This constant threat and the corresponding critical need for effective information risk management have now become boardroom issues. Forward thinking corporations, concerned about the far reaching impact of a data breach, are placing cybersecurity preparation at the top of their strategic priority list and board members are demanding strict accountability.
In order to prepare appropriately across the entire organization, many corporations have created formal Cybersecurity teams. These teams are made up of security professionals inside and outside the organization. These experts, from across many department and disciplines, direct all preparation and communication regarding cybersecurity and develop and implement a comprehensive and collaborative plan for recovery in the event of an attack.
We are all well aware that every corporation has information technology management within their executive management structure. However, all too few have taken the additional step to create a separate and well-functioning Cybersecurity team. Those who have done so are clearly investing in reputation management in a very critical way. These well-prepared corporations have the crisis teams in place before the crisis happens and have the expertise in place to immediately analyze the impact of the attack leading to a faster and more effective recovery.
Investing in the reputation of the corporation is a core responsibility of every CEO and executive management team. The CEOs and executive management teams who have stepped forward to proactively strengthen the corporation in the area of cybersecurity are way ahead of the rest. These leaders and their corporations will survive the reputational damage during and after a crisis. Those who have waited for the crisis to happen will pay the price.
For more thoughts on the cybersecurity preparedness and effective authentic leadership within an organization, please read Brian West’s blog, Cybercrime – from the IT Department to the Boardroom.
Janet Robinson is the former CEO of The New York Times Company; Chairwoman of the Presidential Board of Trustees of Salve Regina University and a trustee of the Carnegie Corporation of New York.