Skip to main content
close search
site logo

Why cyber is also a CIO problem

When an incursion occurs, IT teams need a recovery plan and backup systems ready to deploy.

Published May 25, 2023
Matt Ashare's headshot
Senior Reporter
Ransomware Malware Attack. Business Computer Hacked. Security Breach.
AndreyPopov via Getty Images

First published on

CIO Dive

CAMBRIDGE, Mass. — Ask a room full of CIOs if their organizations have suffered ransomware attacks and only a few reluctant hands will be raised.

Statistics, however, tell a different story, Jeff Reichard, VP of solution strategy at Veeam, said during a Tuesday panel at the MIT Sloan CIO Symposium.

Attacks are common, according to a January report by the security software company, which surveyed 4,200 IT leaders. It found that 85% of organizations suffered at least one ransomware incident last year.

“Regulated industries are accustomed to auditors looking at their environment a couple of times a year,” Reichard said. “But everyone in this room is getting audited every day by cybercriminals.”

While many organizations have a CISO to attend to daily security concerns and coordinate broader enterprise strategy, cyber threats and the accompanying fallout are a CIO problem, too.

Just as in any IT operations crisis, the CIO has to be ready to manage the recovery process and find a way to keep the business up and running. 

Having a reporting and response plan is essential, particularly if it’s not locked inside a compromised application.

“We have a very thorough response plan,” Bill Brown, CISO and CIO at healthcare data management company Abacus Insights, said during the panel. “But, when an incident hits us, are we going to be able to get that big plan off of Confluence?”

In addition to backing up critical data, Brown’s team is addressing enterprise communication contingencies through a simple fix — installing Slack, Zoom and Microsoft Teams on company mobile devices.

Recreating 250 endpoint devices from scratch requires preparation, Brown said.

Planning should include an estimate of minimum assets needed to keep IT functional and situational preparedness for extreme events, such as a scenario in which an adversary has cracked every administrator password, Reichard said.

The fallout can be difficult to predict or control, especially when outside investigators are involved.

Companies fortunate enough to have cyber insurance can find themselves hamstrung by procedural roadblocks to recovery. Insurers may ask IT to stand back and wait for their team to arrive, which may take hours or days, Reichard said.

A similar problem can emerge when law enforcement gets involved. To an investigative agency, servers contain potential clues subject to chain-of-evidence protocols, which can restrict IT’s access to hardware and software.

“If your plans haven't accounted for the idea that your data center may have virtual yellow police tape around it, then you might not be setting the right expectations,” Reichard said.

Rather than considering the possibility of attack, CIOs should prepare for the eventuality, said John Allen, VP of cyber risk and compliance at cyber defense company Darktrace, during the panel.

The goal is to shift the conversation away from whether or not an attack might happen to what can be done to limit the impact, Allen said. 

CIOs can work with CISOs to move beyond patch cycles, reporting procedures and awareness training to the practical matter of bringing IT back online in the wake of an attack.

Filed Under: Strategy

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell