IT needs friendly face
Finance directors should be kept out of the IT security loop with a chief risk officer taking over the responsibility, according to research.
Nine out of 10 IT security specialists at banks, financial institutions and energy-related firms would rather report to a chief risk officer than a finance director.
‘IT wants a friendly face on the board to fight its corner rather than someone who says: “That’s a lot of money, what sort of return can I expect”,’ said David Howorth, business development director at Defcom, the information security services provider that carried out the study.
‘The CRO would not be compromised by having to deliver to tough financial performance targets or talk up the investment story,’ he said. ‘This development would ensure that operational risk, including IT security, gets the increased attention it deserves at board level.’