Recently I read a good blog post over at Robert Half called CFOs and Cybersecurity: Are You Doing All You Can?
They offered four tips to consider in formulating a cybersecurity strategy (I’ve summarized the tip in italics):
- Help identify risks: Partner with your CIO to find quick wins.
- Be aware of problematic dismissals: Quickly deactivate accounts for departing staff and make smart hires to reduce the risk of bad endings.
- Practice what you preach: Set a great example of cybersecurity hygiene.
- Bring all hands on deck: Figure out how to engage everyone.
It’s a good list, but CFOs also need a reliable, data-driven way to know where to allocate money and people so all their cyber risks are well-managed. So, let me add:
5. Measure status quo
If done well, that data, along with the results of their risk management decisions, can make a compelling story they can share with their stakeholders, including their fellow executives and board of directors.
6. Share the results with your stakeholders
What else should we add to the list?