On December 11, NetSPI Managing Director Nabil Hannan was featured in TechTarget:
At the end of the day, cybersecurity is a financial issue. Breaches can result in significant financial loss and reputational damage. Consider these statistics:
- The global average cost of a data breach is $3.86 million, according to the “Cost of a Data Breach Report 2020,” with the U.S. having the highest average at $8.64 million.
- Another report found that insider threats are the most expensive category of attack to resolve, costing an average of $243,101. And this number is increasing.
- Lastly, in just the first six months of 2020, 3.2 million records were exposed in the 10 biggest breaches – eight of the breaches occurred at medical or healthcare organizations. Healthcare was deemed the costliest industry by the “Cost of a Data Breach Report” with the average cost of a breach reaching $7.13 million.
Now forget those statistics; push them aside. While it’s important to understand the financial aftermath of a breach, security teams need to uncover more proactive methods for communicating the value of their investments with organizational leadership to get buy-in (and funding) upfront. However, communicating the return on investment (ROI) of a security program, in which the results are not always tangible, has proven to be a challenge for security leadership.
The shift to a more proactive security program assessment can only occur if the chief information security officer (CISO) first has a greater voice at the table in the boardroom. As the individual most responsible for ensuring information assets and technologies are adequately protected, the CISO can serve as a bridge between the highly technical voices in infosec and other C-suite executives who are more financially, operationally or innovation focused.
And who among the C-suite can make this shift a reality? The chief financial officer (CFO). CISOs need to establish a stronger relationship with their CFO and financial team to better communicate the value of existing, and future, security investments. Here are three ways – and reasons why – the CISO and CFO should work more closely together.
Read the full article here: https://searchsecurity.techtarget.com/post/3-reasons-why-CISOs-should-collaborate-more-with-CFOs