Document Management in the Cloud
Implementing Document Management Solutions
Cloud Based Document Management Pilot at the FDA
Document Management Solution-Paving the Proverbial Cow Path
Thank you for Subscribing to CIO Applications Weekly Brief
CIO ... Only Until the Next Data Breach
By Bob Fecteau, CIO, SAIC
Hype vs. Reality
Cybersecurity is no doubt a significant global challenge, but I question whether we are expecting too much from our IT professionals and if we are giving them proper support. With the public moving toward a zero-fault position, cybersecurity has become an overwhelming focus for CIOs– and increasingly for CEOs, CFOs, boards of directors, and shareholders. A view is emerging that protecting a company’s data from intrusions, breaches, and viruses falls squarely on the CIO and their team. Nothing could be further from the truth. It is a total team effort that must become part of an organization’s DNA.
CIOs, CISOs, and corporate leaders face the complex task of understanding every system, computer, and the connection point, and then knowing what each one is supposed to be doing in a network
During the recent cyber-attack against the U.S. government’s Office of Personnel Management data systems, the public criticized OPM for compromising the data of millions of active and former government, military, and contractor personnel. Critics were quick to point fingers but failed to recognize the challenges associated with securing this type of data in an increasingly complex digital world.
As the House Oversight Committee grilled OPM Director Katherine Archuleta over exactly how many records were compromised (ranging from 14 million to 20 million), the complexity of the challenge was missed. The truth is, it does not matter how many records are compromised. A single record breached is too many and CIOs work diligently every day to ensure data is as secure as possible.
The focus should not have been on numbers, but how the breach was dealt with. When security is compromised, CIOs and their teams have to act fast, smart, and decisively with prepared and tested remediation plans that safeguard those affected, ensure a resolution, and protect other areas that could also be vulnerable to the now known threat. Leaders at all levels must know these plans and procedures and be ready to execute them in these situations. Archuleta, who had held her post for 17 months, was not able to do that. Demands for her resignation came quickly, demonstrating how vulnerable leaders are to a cyber-event.