Why Organisations need an Information Security Executive

Conclusion: Non-IT executives are often reported as being concerned about the prospect of a cyber incident, but as security is not their area of expertise, responsibility for mitigation and preparation is often devolved to IT. This is a mistake, because as much as lack of any security could be devastating, applying the wrong controls to an organisation can be equally debilitating. Security is a response to risk, and it is the ongoing mandate of executives to demonstrate that they are guiding their organisation through foreseeable risks. Consequently, many organisations would benefit from the appointment of an information security officer who is able to translate between IT and the business and ensure that cyber risks are prepared for responsibly.

Existing Client Login



This Advisory paper is only available to IBRS Advisory clients. To find out more about becoming an IBRS Advisory client complete the attached form and we will be in touch.
Name(*)
Please let us know your name.

Email(*)
Please let us know your email address.

Number(*)
Please enter a valid phone number

Invalid Input