ARTICLE
31 December 2020

CIO Self-Deception Impacts Everyone And Of Course Includes Cybersecurity!

FL
Foley & Lardner

Contributor

Foley & Lardner LLP looks beyond the law to focus on the constantly evolving demands facing our clients and their industries. With over 1,100 lawyers in 24 offices across the United States, Mexico, Europe and Asia, Foley approaches client service by first understanding our clients’ priorities, objectives and challenges. We work hard to understand our clients’ issues and forge long-term relationships with them to help achieve successful outcomes and solve their legal issues through practical business advice and cutting-edge legal insight. Our clients view us as trusted business advisors because we understand that great legal service is only valuable if it is relevant, practical and beneficial to their businesses.
CIO.com reported that included this quote from Scottish novelist Walter Scott "O what a tangled web we weave, when first we practice to deceive." ...
United States Technology

CIO.com reported that included this quote from Scottish novelist Walter Scott "O what a tangled web we weave, when first we practice to deceive." The December 23, 2020 article entitled "10 lies CIOs tell themselves" includes these comments about "CIO self-deception #8: Our information security is tight"

Remember the bit about agilefall and checklists? Far too often, when there's a checklist, checking the boxes becomes the point of it all instead of the checklist being used as a way of keeping track. Information security is subject to the same challenge, especially when there's a compliance certification attached.

PCI, the payment card industry security standard, comes to mind. You might recall that Target lost 40 million or so customer records back in 2013 in spite of its PCI compliance — far from the only loss of data from businesses that had passed some form of information security assessment.

If a CIO thinks information security is tight, he's probably wrong. It's the CIOs who are concerned their information security might have a few holes who just might be in decent shape.

Here are all 10 CIO Self-Deceptions:

CIO self-deception #1: We're aligned with the business.

CIO self-deception #2: The only reason to upgrade software is when a new version provides important business value.

CIO self-deception #3: The big mission-critical project that's fallen behind schedule? We'll catch up in the next phase and deliver it on time.

CIO self-deception #4: We're doing ITIL.

CIO self-deception #5. We're doing agile.

CIO self-deception #6. We're doing devops.

CIO self-deception #7: We have a customer service culture.

CIO self-deception #8: Our information security is tight.

CIO self-deception #9. Our IT governance processes make sure we only undertake high-business-value projects.

CIO self-deception #10: We don't need to involve the business in this.

What do you think?

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More