Our anonymous author recounted what happened when a change in company leadership resulted in the blunt-force dismantling of his carefully architected, risk-based security program. Reasonable people can disagree over whether converged security governance is in all cases the right approach, but what happened in our columnist’s company went well beyond a difference of opinion over organizational strategy. Instead, it was a form of rejectionism by a CEO who simply doesn’t buy the idea that risk-based decision making creates opportunity, in a framework of rationality, and is an important strategic element of corporate leadership. Thus, a structure created to add value and quality to business performance was suddenly viewed, through different eyes, as a cost-cutting opportunity. Our author turned out the lights and skedaddled.In running this magazine, we try to talk to the profession’s leading lights.We act as a virtual networking opportunity, where readers can look over the shoulders of enlightened peers and come away with ideas of potentially high value to try out in their own shops. But overexposure to leading lights carries with it the risk that we may come to believe that reality is far more evolved or advanced than is actually the case. And—son of a gun!—it seems possible, even likely, that there are way more myopic short-term thinkers running companies than we might ever have supposed.And this reminds me anew that the need remains urgent for there to be a steady flow of executive education about security and risk. Until the day when it becomes literally unthinkable for a new CEO to propose the neutering of a well-crafted security model, the requirement to administer this unceasing curriculum will be part of the CSO’s duties. A strong program of internal influence and awareness is therefore a CSO’s best practice of untold value. And still there will always be pockets of backwardness in those who believe they can’t afford to think beyond the next two quarters, making them able to comfortably strip away activities that appear to be cost-avoidance opportunities rather than precious business assets. Because of his abundant talent, our anonymous author landed on his feet. But what did he leave behind? A more efficient and streamlined business?Or one that is headed in a dangerous direction? Let us know your thoughts. Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO Technology Industry IT Training news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe