COLUMN
A CEO’S 5 GOLDEN RULES IN MANAGING A CYBERSECURITY CRISIS Haider Pasha the regional chief security officer, Middle East & Africa region, for Palo Alto Networks elaborates on the five golden rules that should be followed by a CEO while managing a cybersecurity crisis A cyber breach can cause untold damage to a company’s operations, sales, reputation and stock price. It can also suddenly end the successful career of a CEO or CSO, as happened with some cyberattacks in recent years. In fact, Allianz Risk Barometer 2020 – the largest risk survey worldwide – recognized critical business interruptions caused by cybersecurity breaches as the most severe risk to organizations. Even for the best prepared, a cyber crisis could hit anytime. What should you do if you are the CEO of a hacked company?
Rule 1: Take command. This is personal. Roll up your sleeves. Merely delegating the work to the IT team during a cyber breach can be dangerous for the company and for you personally. A number of CEOs of large companies recently learned this the hard way. Cyber risk does not affect only your IT network but also your overall business. Operational disruptions and litigation costs have an immediate effect on your reputation if not prioritized correctly. Hence, it’s not surprising that shareholders are starting to seek personal consequences for companies involved with a cyber crisis. Effectively management of a cyber crisis involves board level engagement at both the COO and CFO level. But a CEO is often the best person to manage it.
Rule 2: It’s all about communication. When hit by a cyberattack, nobody wants 34 - CIO ONE | March /April 2020
Haider Pasha
Regional Chief Security Officer, MEA, Palo Alto Networks
