Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »Apply today for a FREE subscription to CIO Magazine!
March 01, 2007 — CIO — Boo!
TJX.
Does that scare you?
It doesn’t? How come? Is it because TJX, which got hacked in December and then got raked over the coals in the press in January is big and you’re...well, smaller?
No. You’re smart. It does scare you. It scares the pants off you.
And it should.
If you’re a CIO at a mid-market company, you know you’ve got a problem. It gnaws at you and keeps you up at night. You know that hackers, fraudsters and even organized crime are increasingly targeting your company’s systems and applications. They’re going after personal data, customer accounts and trade secrets. The bad guys are purchasing goods with stolen credit cards. They’re working hard (perhaps harder than you are to stop them) to get their hands on anything of yours that may be of value to them.
The truth is, you’re so worried about your security posture that you don’t even want to talk about it. You certainly don’t want to talk to CIO, even anonymously. But we know (because experts tell us) that compared with CIOs at large corporations, you mid-market CIOs don’t have the budget, the sophisticated IT skills on your staff or the time to take away from core IT operations to build better defenses. You’re wide open, and right now you’re just hoping you’ll get lucky enough to duck something terrible coming at you from an unknown direction.
Increasingly, the neighborhood you live and work in has become a dangerous place.
“A lot of attacks are being made on the mid-level companies because it’s a smaller hill to climb,” says Robert Richardson, director of the Computer Security Institute in San Francisco.
“That’s just a plain fact.”
There’s no doubt that the 4,000-plus mid-market companies in the United States are extremely vulnerable. About 43 percent of mid-market companies have annual security budgets below $100,000, while about the same proportion of large companies (40 percent) have security budgets that exceed $1 million, according to the 2006 “Global State of Information Security” survey conducted annually by CIO and PricewaterhouseCoopers. (To see all the data, go to www.cio.com/091506.) On top of that, mid-market companies typically don’t have a security expert on staff. Only about 20 percent employ a CISO compared with 42 percent of large corporations. Finally, mid-market CIOs don’t have the tools to identify their weaknesses. Fewer than a third use vulnerability scanning software to find holes in their systems, while 46 percent of their larger counterparts do.
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.