How do you, as a CIO, convince your board colleagues to focus on cybersecurity?

Errol GardnerBy Errol Gardner, Global Technology Leader, EY.

As our world is becoming increasingly digital, the questions at the board-level are becoming ever more focused on the opportunities and risks facing organizations today. How can we use digital solutions to increase the speed of our supply chain operations? Are our systems able to keep up with the pace of change? Does disruption apply to our organization? Should we store our data on the cloud? What are our competitors doing? What actions are our regulators taking?

What about cybersecurity?

Cybersecurity is a complex topic and often viewed outside of the sphere of concern for many of the C—suite. We work with CIOs who have the challenge of convincing the board to focus on the risks the digital world brings and how it applies to enterprise strategy. If that is you, you’re not alone. According to the EY Global Information Security Survey (GISS) 2015, 54% of organizations do not have a role or department in their information security function that is focusing on emerging technology and its impact and 36% said that they would not be able to detect a sophisticated cyber attack.

How does cybersecurity enable a digital world?

Cybersecurity is not an inhibitor in the digital world; rather, it is a way to help make the digital world operational and sustainable. Cybersecurity is key to helping unlock innovation and expansion, and a tailored organization and risk-centric approach to cybersecurity can adjust the balance of the digital world back toward sustainability and safety.

What this means is that while organizations are talking about cybersecurity and making progress in improving the way they respond to today’s cyber threats and attacks, there is also a need for considerable improvement and investment in cybersecurity operations to take advantage of the opportunities the digital world brings.

Convincing your board colleagues to invest and shape the response to cybersecurity
The GISS investigates the most important cybersecurity issues facing businesses today. It captures the responses of thousands of participants, and findings and conclusions are based on those insights and on our extensive global experience working with clients to help improve their cybersecurity.

Last year, 1755 participants around the globe and across all sectors took time to focus on questions that revealed how they could create trust in the digital world. Our 2016 survey will explore the important issue of how organizations are managing that trust.

Insights from the survey will look at how cybersecurity impacts an organization’s strategy and growth agenda every day, and highlight what best practice looks like. It will explain the skills and actions that your board colleagues need to enable your organization to lead the way in cybersecurity as an enabler.

Operating in a digital world invites new challenges and threats, which are translated into actions and discussion points at your next board meeting. Survey participants receive an individual peer comparison report to understand how they stand against organizations of a similar size and sector.

Having these insights means the next question you will be able to ask is ‘how are we managing our cybersecurity to support our digital business?’ If you wish to participate in GISS 2016, speak with your EY contact or find out more by visiting

One thought on “How do you, as a CIO, convince your board colleagues to focus on cybersecurity?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s