Where Does the Buck Stop In Newsworthy Breach? Cyber Governance Twitter Chat Summary

Digital Manufacturing
This Twitter chat has now closed. Find out about the next Twitter chat here

The title for this summary is a politer version of a sassy tweet in a chat about governance and cyber security. Posted by @ S_Clarke22, it effectively nailed the crux of the dilemma facing business trying to stay secure and agile in cyberworld. And it was a worthy response to the first question put to the crowd : “Who owns information and data security?
Butt chat was kick-started by in a spirited fashion  by MTI_Technology who threw down the gauntlet with the tweet:

Cyber Security 1 - Copy

This sustained a long thread of chat debating the relative roles of people, process and policies in keeping organisations secure. There was a strong sentiment that the malicious insider could wreak havoc but that a positive ethos backed by strong governance mitigates the toxic climate that incubates the bad apple.

Meanwhile @katweasle suggested a smart tech architecture and use of compartmentalisation can further protect against the incidents caused by the malicious insider:

cyber security 2

And although attention is naturally drawn to the cyber criminal, the reality of digital life is that most incidents are caused by negligence or ignorance as @ClearSwift pointed out.

Cyber Security 3 - Copy

The nature of governance was also dissected and how suited it is for the fast-moving digital age. A recurring theme was the need for good personal cyber hygiene by all staff – working from the bottom up – as well as sound top-down governance. Similarly rules and regulations have to adapt fast to new business circumstances. So does centralised governance remain an ideal?

Yes, according to @guybunker with the following qualification:

Cyber Security 4 - Copy

While @Real_Security tweeted:

Cyber Security 5

@S_Clarke22 summed it up thus:

Cyber Security 6

Tweeters picked over variations of Question 2 throughout the chat:  which of the C-Suite should be ultimately accountable for cyber security,  the CIO, the CISO, the CEO or the CDO? The majority, including @IronMountainEUR,  thought it was a shared concern, but needs clearly defined accountability:
Cyber Security 10


and @AndrewTang pointed out:

Cyber Security 7


And Q3: ‘What’s the best response to the put down, cyber security is a job for IT’? Drew the following responses:

“They’ll never hit us from that distance” to ‘Laughter’ and, from @okta_uk

Cyber Security 8

Final word goes to co-host of the chat @Nickprescot’s whose parting shot was upbeat:

Cyber Security 13 - Copy

These are the highlights of an energetic chat and please do check the #ITValue for the full transcript of the debate. Next chat is December 3rd, 4-5pm GMT on what will be the digital priorities and challenges for 2015: Digital infrastructure? Digital skills? Digital business? Make the date in your diary now!


Also by Helen Beckett

welcome-feature-imageHelen Beckett is the Community Manager of the Business Value Exchange.  She has been a writer and editor for over 20 years and takes a particular interest in the challenges facing the CIO in today’s business climate.