Cyber Liability: CISOs Must Be Prepared for Accountability

Panel Discusses Strategies for CISOs to Navigate Executive Liability
Andrew Robson, CISO, Bentley Motors; Quentyn Taylor, senior director, information security and global response, Canon; and Jonathan Armstrong, attorney, Cordery Compliance

As organizations grapple with an increasingly complex and interconnected digital landscape, top-level executives, particularly CISOs and CIOs, face heightened executive liability. With the high-profile cases of CIO Carlos Abarca and CSO Joe Sullivan serving as stark examples, the message is clear: executives cannot afford to be complacent.

Security leaders must be meticulous in their decision-making and equipped with the right support networks to navigate the intricate terrain of executive liability.

Andrew Robson, CISO at Bentley Motors, said security professionals can no longer assume existing controls are sufficient. It's crucial to verify that controls and risk management solutions are functioning effectively.

Security leaders also must be prepared to justify their decisions not only to their boards but also to external regulators and even prosecutors, said Quentyn Taylor, senior director of information security and global response at Canon.

Attorney Jonathan Armstrong of Cordery Compliance warned about a growing trend of prosecutors targeting individuals within corporations, placing CISOs and CIOs at risk of personal accountability.

"If the chips are down, you may have to - like in the Joe Sullivan case - be able to operate independently," Taylor said. "Your company is just one of the other plaintiffs in the case - and so are you."

In this video interview with Information Security Media Group at ISMG's London Cybersecurity Summit 2023, Robson, Taylor and Armstrong also discussed:

  • The importance of conducting tabletop exercises;
  • How security leaders can prepare themselves in the event of a breach;
  • How organizations can support their CISOs.

Robson is a solutions-oriented IT security specialist who has directed a broad range of corporate IT initiatives and developed effective security policies.

Taylor has experience in delivering security that meets business objectives. His expertise lies in information security, strategic management and risk management.

Armstrong is an experienced lawyer and an expert on data protection and data security law. He advises multinational companies on risk, compliance and technology.


About the Author

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.



