Category Archives: C-Level

GDPR, American-Style: Preview of Proposed Federal US Privacy Law, Part I

GDPR, American-Style: Preview of Proposed Federal US Privacy Law, Part I

The General Data Protection Regulation (GDPR) has, for good reason, received enormous coverage in the business and tech press in 2018. But wait, there’s another seismic privacy shift occurring, and it’s happening here in the US. There is now a very good chance that significant data privacy legislation will come to the US soon. I’ll go out on a limb, and say in 2019. But if not next year, then certainly in 2020. Yes, we’ll…

CEO vs. CSO Mindsets, Part III: Value at Risk For CSOs

CEO vs. CSO Mindsets, Part III: Value at Risk For CSOs

To convince CEOs and CFOs to invest in data security software, CSOs have to speak their language. As I started describing in the previous post, corporate decision makers spend part of their time envisioning various business scenarios, and assigning a likelihood to each situation. Yeah, the C-level gang is good at poker, and they know all the odds for the business hand they were dealt. For CSOs to get through to the rest of the…

CEO vs. CSO Mindsets, Part II: Breach Risk, Security Investment, and Thinki...

CEO vs. CSO Mindsets, Part II: Breach Risk, Security Investment, and Thinking Like an MBA

In the last post, I brought up the cultural differences between CEOs and CSOs. One group is managing and growing the business, using spreadsheets to game plan various money making scenarios. The other is keeping the IT infrastructure going 24/7, and studying network diagrams while tweaking PowerShell scripts. I think you know which is which. The point of this series is to bridge the divide between these two different tribes. In this post, I’ll be…

CEO vs. CSO Data Security Mindsets, Part I

CEO vs. CSO Data Security Mindsets, Part I

If you want to gain real insight into the disconnect between IT and the C-levels, then take a closer look at the Cyentia Institute’s Cyber Balance Sheet Report, 2017. Cyentia was founded by the IOS blog’s favorite data breach thinker and statistician, Wade Baker. Based on surveying over 80 corporate board members and IT executives, Cyentia broke down the differing data security viewpoints between CSOs and the board (including CEOs) into six different areas. The…