Mark Brown, Executive Director EY, Cyber Security & Resilience
The consumer products (CP) sector is evolving, and e-commerce is the norm rather than an exception. Forecasts show that e-commerce globally will almost double from US$1.2 trillion in 2013 to US$2.36 trillion in 2018. With new developments, however, come new challenges. And one of the costliest challenges in the industry today is cybersecurity. But, as some companies have experienced, cybersecurity can also act as a catalyst that helps organizations enhance their business models and unearth new sources of revenue.
Cybersecurity breaches – be it loss of consumer data, customers receiving spam mails or a hacked website – can wreak havoc on brand reputation. Companies, therefore, are becoming increasingly willing to invest proactively in IT to prevent security breaches and the resulting damages to brand reputation. This, in turn, can safeguard them from cybersecurity risks, help enhance customer experience and tap into new revenue streams.
CIOs are in an ideal place to change the way companies see and utilize IT. With that, they can not only set the direction for an improved cybersecurity strategy, but also realign the company’s business model to meet customer needs more effectively. To do that, CIOs would have to adopt a three-step approach:
- Become a business leader: to use cybersecurity as a catalyst for business change, CIOs will have to assess the company’s cyber resilience and translate the business imperatives of the cyber risks the company is facing into a language the C-suite understands. In other words, there is a strong need for CIOs to become business leaders. This is not a new advice; in fact, this very blog has discussed several times, in the past, the need for the CIO to step away from the traditional role of being a technical expert who merely keeps the business running. Our guest blogger Kim Andreasson, for instance, wrote last year about how CIOs can get boards to pay attention to cyber threats. However, we still see CIOs changing rather slowly, which will ultimately jeopardize their chance to shine in front of their C-suite colleagues and also shut the company’s doors to additional revenue.
- Get your security ducks in a row: to get consumers to trust the brand, CIOs will have to ensure that consumer data is safe, the company’s online shopping experience is secure and that IT services are continuous and accurate across all channels. They need to be able to identify and manage an IT infrastructure that is the most appropriate and safe. It will be up to CIOs, initially, to map out the business case for a new IT infrastructure and to convince the board to invest in IT. CIOs will also be charged with implementing the new infrastructure and to secure a smooth transition.
- Find the added value: introducing new, more secure technologies and systems into the organization and using those to add value to the business will catapult the CIO from a technical expert to a valued member of the C-suite. CIOs will have to speak with their line-of-business counterparts to understand what they are trying to achieve and how new investment in IT could accelerate their business processes. Today’s businesses require CIOs to understand their role in managing profit and loss and business growth, and not merely manage technology.
Issues such as digital, big data, data analytics and e-commerce should all be in the remit of the progressive CIO, but these areas can easily leak to other parts of the business and C-suite roles if open-minded thinking is not demonstrated. By always being at the vanguard of technological and digital advancement, the CIO will begin to be viewed not as a “head of helpdesk” but as someone who can help generate income for the company.