Every organization is led by people who are responsible for setting the overall direction, establishing priorities, maintaining influence over organizational functions and mitigating risks. Given the wide range of organizational types across industry sectors, the titles associated with these roles may vary greatly from CEO to Managing Director to Owner-Operator and beyond, but they share common traits. They are the most senior leaders, or they directly support strategic decision makers. They likely have fiduciary responsibility and budget authority. They may even be owners of the business themselves. Whatever the specifics, these are the leaders who are held accountable for the organization’s well-being and performance. And in today’s world, cybersecurity is among their chief concerns. As noted in the recently-published guidebook, Cybersecurity is Everyone’s Job (a publication of the Workforce Management subgroup of the National Initiative for Cybersecurity Education (NICE)), these leaders have a specific role to play in their respective organization’s cybersecurity posture, with responsibilities that include:
- Managing and mitigating overall cyber-related business risks,
- Establishing effective governance controls,
- Prioritizing and resourcing cybersecurity programs,
- Safeguarding the sensitive information they rely on for planning and decision making, and
- Establishing a cyber-secure culture within the organization.