by CIO Staff

Why Bosses Must Care About Security

Jun 24, 20052 mins

There’s been no shortage of coverage and commentary on the snowballing incidents of data theft and ID fraud lately. The Economist joins the fray, telling us that information protection, which had been “left, until now, to geeky, low-level IT staff to put right, and seen as a concern only of data-rich industries such as banking, telecoms and air travel… is now high on the boss’s agenda in businesses of every variety.”

As well it should be. CIO News Alerts blog has been following some of the past week’s data loss news. And given that the Economist has a separate story in the same issue on corporate executives actually getting real jail time for their crimes and negligence, there’s an added punch to the directive to top execs to attend to security.

“Boards should pay as much attention to these IT operational risks as they do to other operational risks in the firm,” the Economist quotes George Westerman of the MIT Sloan School of Management, and adds: A wise boss will appoint a senior executive to be responsible for data security—and not just to have a convenient scapegoat in the event of a leak.

This could be a useful article to share if you’re trying to lobby for more support or investment in data security resources at your organization.

What Else the CEO Is Reading

Apparently an unpublished book of deep thoughts on management by Bill Swanson, CEO of Raytheon, has been a cult favorite of CEOs for awhile now, as reported by Business 2.0 (subscription required). (An search gets you only a conciliatory: “Customers who searched for Swanson’s Unwritten Rules of Management expressed interest in:” and a list of some other management titles.) Still, you can get a profile of Swanson and a list of the rules (e.g., Number Three: If you are not criticized, you may not be doing much, or Number Twenty: Cultivate the habit of “boiling matters down” to simplest terms) from CCG, a company promoting minority achievement in science and technology.