Monday, 29 April 2019 18:28

Why Security and Compliance Have a Permanent Seat at the Boardroom Table

Security is a top concern at all levels of the organization, but especially at the board level and C-suite. SoftwareONE’s Mike Fitzgerald champions a “security-first” mentality and discusses the implications of failing to meet industry standards and regulations.

Instances of lost intellectual property (IP) due to data breaches are gaining attention in the mainstream press and in boardrooms across the globe. C-suite executives are taking note of these events; security and compliance are no longer just IT issues. They are very real and very urgent business issues. Breaches and noncompliance have a major impact on business. After all, in the U.S. alone, the average data breach could cost a company upward of $7.9 million.

Compliance concerns are receiving attention from existing C-suite executives and have caused enough of a stir to lead to the creation of new roles, such as the Chief Compliance Officer (CCO), who is tasked with understanding and managing the plethora of compliance requirements that organizations must address. The CCO and the Chief Information Security Officer (CISO) need to be aware of compliance requirements on the global level (think General Data Protection Regulation (GDPR)) and on the local level (Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX)), since most organizations store at least some of their data in the cloud. The fine for a breach or lapse in compliance with an industry standard or regulation like GDPR can equal as much as 4 percent of a company’s revenue; that is potentially enough to put a company out of business. This new compliance-driven market makes it imperative to have a security-first mentality when it comes to IT decisions and a thorough understanding of the greater business implications resulting from a lack of proper security practices.