IT Security: Leadership Guide — The CIO's Role in Protecting the Enterprise from Cyberattacks
This IDC study explores the expanding role of the chief information officer (CIO) with respect to cybersecurity. The increasing importance of cybersecurity is elevating the policy-making role of the CIO, from managing IT operations to guiding the transformation of work functions as an inseparable part of a digitally managed business. The document examines the CIO's role in overhauling system configurations and instituting changes in user behavior, and the need to create a control center to capture deviations before they infect the organization. It advises boards of directors, CIOs, and their senior staff about essential changes in enterprise security practices and how the CIO must lead in instituting them.
"What should the role of the CIO be in steering the policies and directions of information security?" says Dr. Paul Strassmann, adjunct research advisor with IDC's Research Network. "It is IDC's position that unified accountability for cybersecurity should be vested in the position of the CIO, who ranks at the top executive level of an enterprise."