Looking back at history many studies show that good leadership can make a big difference. Organisations with leaders who understand the potential risks and impact of cyber security will be significantly better equipped to prevent or react to it. However, a recent survey states that just 28 per cent of UK CEOs across all sectors are particularly concerned about cyber threats in the coming year.
To address cyber security, effective leaders focus on three simple things:
Ask the right questions: Effective leaders probe the experts about what they don’t understand about their products and processes and the risks involved. Learn all about the underlying assumptions supporting these products instead of pushing the responsibility further on in the “security chain”.
Seek out a diversity of opinions and perspectives: Consult with a mix of people with different perspectives, backgrounds and knowledge to predict, assess and manage risk. Listen to people who bring different points of view to the discussion. The benefit of cyber technologies is good for most organisations’ bottom lines, but don’t get caught up in the success of the moment.
Act with integrity: Effective leaders in crisis are people of good character. Be aware of your limitations. Be determined to contribute to the good of your organisation and the communities in which they operate. For instance, don’t try to cover up breaches of data security, to avoid embarrassment.
Source: Carol Stephenson, O.C. (2010), The Role of Leadership in Managing Risk, IVEY Business Journal, Nov/Dec; Chambers, J and Stewart, J.N (2015), Why Cybersecurity Leadership Must Start At The Top, Jul 13, Forbes; Farhat, V., McCarthy, C., Raysman, R., and Holland & Night (2011) Cyber Attacks: Prevention and Proactive Responses, Practical Law Company on its PLC Intellectual Property & Technology web services
Action Point
Consider if your organisation is giving cyber security enough thought. How could you proactively draw attention to this amongst senior management?