If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches.

Companies that have experienced a cyber-attack are forever changed.  The board and senior executive team quickly find religion.  But are we really surprised?  When FCPA enforcement was ramping up, companies caught in the cross hairs quickly found religion.  As much as CCOs seek to educate companies on the importance of proactive risk mitigation strategies, boards and senior executives continue to cling to a reactive approach. 

When it comes to cybersecurity and data protection, board members and senior executives have a steep learning curve – it is imperative to learn the risks, the technologies, and risk mitigation strategies.  Chief Information Security Officers recognize the importance of bringing everyone up to speed and establishing a system of enterprise risk management around information technology and security. 

In charting this new path, CISOs and Chief Compliance Officers are coming together in new ways.  CCOs are excellent partners – CCOs have line of sight across the organization, are familiar with risk assessment principles, implement policies and procedures, and can deliver important training and education programs. 

In this Episode, Mike Volkov reviews the evolving relationship between CISOs and CCOs and the important trends in cybersecurity compliance programs.