“CEOs Make Protecting Data a Top Goal,” The Wall Street Journal, October 13, 2017 B4. Unfortunately, the focus is on cyber-security rather than the broader information risk profile. While this affect CEOs’ email habits, as they are phishing targets?
While this is a start, do CEOs really understand how much their company’s proprietary information is worth? Or their duty to protect the company’s assets (people, physical equipment, cash, and information)? Why not?
And where are the boards? Don’t they have an overarching duty to oversee the major risks the company is facing and to make sure there’s an effective program in place to address?
I hear the violin. Is Rome burning?