Getting the backing of your CFO

A recent report by the Internet Security Alliance (ISA) and the American National Standards Institute (ANSI)entitled “The Financial Impact of Cyber Risk” suggests that cybersecurity should be an issue for a number of departments beyond IT.Specifically, it said the chief financial officer, legal, riskmanagement, human resources, public relations and others should beinvolved in managing cyber risk before an embarrassing and damagingdata breach hits the organization.

It’s not unusual to hear reports advising IT to collaborate with thebusiness in an effort to better understand IT’s role in the biggerpicture, be it cyber security or any other IT project. But thesuggestion to take the issue to the highest echelons of theorganization, specifically the CFO, on an issue often perceived assolely IT’s problem is not often heard.

It’s very helpful that through more direct discussions, the CFOwould be made aware first-hand by IT of the negative implications of apotential cyber security attack and of its financial repercussions.Moreover, CFOs control the money and have the power to ultimately grantblessing to a project if s/he deems it vital to the organization, orcan quash it if not.

But budget aside, anyone who has driven a project will tell you thatit’s a very good thing to have a vocal champion for your cause. And, ifthat champion happens to be the person who controls the money, thenthat’s even better.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight