How CISOs can explain privacy to the C-suite

With the recent moves by the FCC, it is imperative that chief security officers make the company aware of privacy issues.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

With the recent decisions the Trump administration has made around FCC policies and net neutrality, it has become even more important for security and privacy professionals to educate internal and external stakeholders. It’s the CISO’s role to help inform the C-suite, investors and board of directors about potential security. 

If CISOs are wondering where to start, Malcolm Harkins, chief security and trust officer at Cylance and Ruby Zefo, vice president of the Law and Policy Group at Intel Corporation have put together four privacy and security topics to talk with stakeholders about. 

1. Privacy is not equal to security: Just because an organization keeps its data secure does not mean it had the right to collect or even store the data in the first place. Privacy and security are certainly intertwined and CISOs can explain them as relating to each other like two magnets. Though independent of each other, when turned one way, they are perfectly binding, showing that you need good security to have privacy.

On the other hand, executives do need to remember that security practices can go too far by not understanding the nuances of privacy, which creates a polarization between the two magnets. Under the guidance of their CISOs, we advise executives to take the time to educate themselves on both topics, which will lead to a cohesive approach within their organizations.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.