Executive Essentials: CIOs’ Role in Security and Risk

Cyber attacks on company and Public Administration IT systems are on the increase, becoming both more widespread and more sophisticated, making them harder to identify and to combat.

According to the latest Report published by Clusit, the Italian Association for Information Security, 2022 was the worst ever year for cyber security at a global level, registering +169% attacks compared to 2021. There were on average 207 attacks per month, compared to an average 171 in the previous year. The highest monthly total registered in the year (and ever) was 238 attacks in March.

In light of this, company security must become a priority investment in the budgets of companies and organizations wanting to develop their businesses.

If, on the one hand, staff training is a key factor in reducing companies’ exposure to cyber threats, on the other hand are the members of top management directly involved in making strategic choices for this area.

In their report “Executive Essentials: CIOs’ Role in Security and Risk”, our understanding is that Gartner® assesses the areas of intervention and responsibility of Chief Information Officers and their relationship with the Chief Information Security Officer (CISO) and other company members.

More specifically, as far as security is concerned, the CIO must aim to:
  • Create a defendable security program.
  • Develop operating models to manage IT risks and cybersecurity.
  • Develop tools and key parameters for communicating the risk and security level.

The report examines these targets, providing CIOs with concrete guidelines on how to achieve them and relative metrics to evaluate the results produced.

Gartner, Executive Essentials: CIOs’ Role in Security and Risk, Paul Furtado, 16 May 2023.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Cybersecurity is a choice. CIOs must develop a strategic vision that balances the need for protection with the desired business results.

How can it be done?

Download the Gartner Report to find out.

By clicking send, I confirm that I have read and understood the Aruba S.p.A. Privacy Policy

I agree to receive promotions and offers relating to Aruba S.p.A. services and products through traditional methods (e.g. ordinary mail, landline calls) and/or automated methods (e.g. email, SMS, MMS, fax, pre-recorded calls).