20 March 2018
In this blog, we explain how data security is increasingly a topic that impacts the most senior executives and board members. Only by setting up a comprehensive data risk management programme that delivers metrics directly to senior managers can organisations properly manage the risk.
Data security – whose responsibility?
While data security may still sound like a topic for IT and security teams, it’s becoming increasingly important for business executives.
In a recent IBM-commissioned survey of 150 decision makers (written up by Forrester in a January 2018 Opportunity Snapshot), more than half of respondents said that the CEO or board members would be most accountable to external stakeholders in the event of a data breach. Senior jobs are literally on the line, particularly in the light of stiff financial penalties for failure to comply with the General Data Protection Regulation (GDPR) from May 2018 onwards (up to 4% of revenue or €20 million, whichever is greater).
Given that 58% of the survey respondents had experienced a breach of data protection rules (and 60% of the remainder could not say with confidence that their systems have remained secure at all times), senior executives clearly need to sit up and take notice.
Of course, C-level staff are not expected to grab a keyboard and start coding a new enterprise firewall. But they do need a better understanding of their organisation’s policies and procedures around data security, and they need to make sure that they have an effective data risk management programme in place.
Gain comprehensive visibility
As organisations have seized new opportunities to use data to enhance operations and customer experience, the risk of data compromise or loss has grown. Breaches could result not only in GDPR penalties, but also in high operational costs for incident response, lost productivity, reputational damage, and loss of investor confidence.
Business leaders need to play a more active role in understanding the risks and protecting against breaches of important data and intellectual property. However, they are often hampered by the communication barrier: IT security and risk teams speak a different language and find it challenging to deliver the top-level information needed by senior decision-makers. What’s needed is a tightly focused set of strategic and operational metrics that provide comprehensive, continuous visibility into the current risk status and the potential impact of a breach.
By providing at-a-glance dashboards of sensitive data assets and business risk, updated in real time, IBM Data Risk Manager gives senior managers the ability to isolate the signal from the noise, empowering them to make better decisions to protect data.
For more information on IBM Data Risk Manager, read the Forrester report or contact Northdoor directly for help on getting started.