Head of IT: Responsibility vs Power

  • Your Problem?

    It is common to dump Cyber Security on IT. Cyber Defense (thwarting threats) is sort of an IT function, isn’t it?

    Sort of. Making sure that your sys admins do their job is absolutely your responsibility.

    Making sure that literally every employee in the organization doesn’t fall for spear phishing attacks can’t be: most of these people don’t work for you. You don’t oversee them. Why should you be responsible for their choices?

  • Not Your Problem

    Protecting the organization from vulnerabilities in the IT infrastructure is absolutely your problem. But what about the vulnerabilities in related systems such as plumbing or electrical service. Are you responsible for those as well?

    No, almost certainly, you are not. These are areas that have an impact on your operations, granted, but you don’t oversee them. How can you take responsibility for them?

  • What We Can Do

    We can bring clarity to the situation by creating a comprehensive Cyber Security program which clearly defines who is responsible for what.

    That includes budgeting, job descriptions, performance reviews and procedures.

    You have enough to do without vague and scary responsibilities that aren’t meaningfully yours. To elevate your Cyber Security without compromising your core duties, consider our Level 2 offering.