FEATURE:
//////////////////////////////////////////////////////////////////////////
and targeted attacks, on the other hand,
are more complex. CIO’s need to invest in
advanced tools and expertise, but more
importantly this step necessitates time to
identify the indicators of attack, spot an
incident, investigate it and mitigate the
threat and respond. The CIO should also
put specific policies in place to ensure
that the response is effective and that the
threat is dealt with entirely
• Prediction: The prediction of future
attacks, and understanding the attack
surface, defines the long-term strategic
defense capabilities of a CIO – and is
becoming as essential part of an effective
security strategy, given the advanced threat
landscape businesses are dealing with.
Gerhard Pretorius, the Chief Technology
Officer at Wyzetalk
individuals at the company involved and can
have a life-changing experience for both its
customers and employees.
“While the direct line of data security may
lie with the Chief Security Officer, because
the CIO understands the complexities
and specifics of the IT infrastructure,
the data that is being gathered and the
access protocols, and has a direct line to
the business and CEO, they are in a prime
position to take control or consult on the
security requirements of the business
and as a result, are often responsible for
security overall.”
Badenhorst adds that CIOs need to
examine a strategy that takes the following
into account:
• Threat prevention: This is mostly
covered by technology and most
businesses know that they need to
block generic threats that are emerging
daily – and have this covered through a
comprehensive IT security solution
• Detection and response: Sophisticated
“To mitigate future threats related to the
security of data, CIOs need to shift their
mindsets around security,” said Badenhorst.
“It’s no longer just an IT issue, it’s a business
one and as their role increasingly means
bridging IT into the boardroom, it also
means that they need to look at regular
security assessments, training employees on
general security hygiene, and the analysis
of current and future attack methods to
ensure that they can provide the council that
businesses of today are seeking.”
Gerhard Pretorius, the Chief Technology Officer
at Wyzetalk, believes the traditional role of
the CIO has evolved into one that combines
technical insights with practical know-how
to deliver business value in real-time. And
fundamental to this is the importance of
communication inside the organisation.
“In the connected environment, employees
have access to information not only from
inside the business but also externally in
their personal capacities,” said Pretorius. “All
these data sources combine to change their
expectations on internal service delivery.
“For example, an employee used to contact
the HR department to request information
about a pay slip, leave or a bonus and it might
CIOS NEED TO TAKE THE INITIATIVE
AND SHOWCASE THE STRATEGIC
VALUE THEY BRING TO THE BUSINESS.
42
INTELLIGENTCIO
take a few days for the team to respond.
Today, the speed of interaction between the
information available and the employee has
changed dramatically. Now, it is all about
providing feedback at a much faster rate.
Internal mobile apps and enhanced intranets
deliver richer functionality that empower staff
to be better informed than ever.
“With information being readily available,
CIOs need to manage internal expectations
as much as external ones when it comes to
dealing with important queries. Staff expect
feedback instantly and the solutions need to
be in place that can facilitate this.
“Of course, with the n ature of information
storage changing, CIOs need to be more
acutely aware of the risks associated with
keeping data safe. What used to be locked
up inside a server or document room is now
typically stored in a cloud environment.
Cybersecurity therefore becomes a key part
of the CIO journey into the digital landscape.
And with this, comes a growing realisation
of the compliance requirements associated
with data management, whether that is
from an employee or a customer.
“This real-time environment is also resulting
in an increasing reliance on mobile devices
to keep employees informed. The risk with
this is that many employees rely on their
personal phones and tablets to manage their
professional and personal lives.
“Beyond the typical security measures
that must be taken in this BYOD (bring
your own device) environment, employee
education must be a priority. People use
their own devices to instant message
friends and family. They also use these
consumer-focused solutions to engage with
clients, do their banking and share sensitive
information. The CIO must therefore develop
new service channels to address this and see
less of a reliance on legacy applications.”
CIOs in a digital environment therefore
need to understand not only the technology
innovation taking place but be able to
practically apply it to the organisational
strategy especially in terms of employee
awareness. This requires a more agile
mindset and willingness to adapt to digital
times. The CIOs who are best able to deal
with that, will be the ones that help drive
business success. n
www.intelligentcio.com