CIOs asked to monitor workers in their companies need to look at their own departments first Before CIOs start worrying about other parts of the business, they need to make sure their own hatches are battened down.Richard Hunter, a vice president and analyst on security and privacy with Gartner, says that CIOs should regularly run IT security audits on the “practices and procedures related to IT operations,” including checking on passwords, logging capabilities, reviewing how systems are monitored and other access control mechanisms. The audit needs to be an objective “examination of records by an impartial third party,” Hunter says.In addition to ensuring that he has appropriate checks and balances in his IT group, John Halamka, CIO of CareGroup and Harvard Medical School, retains Third Brigade, a white-hat hacking company, to conduct periodic vulnerability assessments. Besides providing a checkup on his security systems, Third Brigade can also tell Halamka what his IT staff could do to his systems, if they so chose. (Halamka says he’s never had to fire an IT person for abusing his IT access privileges.) SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe “What I always say is, if you don’t think you have security problems, you haven’t looked hard enough,” says Halamka. Related content feature Gen AI success starts with an effective pilot strategy To harness the promise of generative AI, IT leaders must develop processes for identifying use cases, educate employees, and get the tech (safely) into their hands. By Bob Violino Sep 27, 2023 10 mins Generative AI Generative AI Generative AI feature A fluency in business and tech yields success at NATO Manfred Boudreaux-Dehmer speaks with Lee Rennick, host of CIO Leadership Live, Canada, about innovation in technology, leadership across a vast cultural landscape, and what it means to hold the inaugural CIO role at NATO. By CIO staff Sep 27, 2023 6 mins CIO IT Skills Innovation feature The demand for new skills: How can CIOs optimize their team? By Andrea Benito Sep 27, 2023 3 mins opinion The CIO event of the year: What to expect at CIO100 ASEAN Awards By Shirin Robert Sep 26, 2023 3 mins IDG Events IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe