Jimmy Koo reports:
Scapegoating the boss over a cybersecurity incident that compromises customer data or reveals unsavory internal communications usually isn’t the first option in a breach response.
Data breaches may result in consumer class actions, organizational embarrassment, a drop in the price of a company’s stock and brand reputation damage, but top executives generally get axed as a last resort, cybersecurity professionals told Bloomberg BNA.
The termination or resignation of a top executive in response to a data breach incident is “the exception, not the rule,” Leigh Nakanishi, senior vice president of Data Security and Privacy at public relations company Edelman, told Bloomberg BNA.
Read more on Bloomberg BNA. And consider this snippet from Koo’s article:
According to a recent report by Bay Dynamics, more than half of information technology and security executives, including CISOs, will lose their jobs due to inadequate cybersecurity reporting (15 PVLR 1272, 6/20/16). The report highlighted the lack of communication between IT executives and boards.