The Impact of Executives’ IT Expertise on Reported Data Security Breaches
研究了CEO、CFO和CIO的IT专长如何共同影响企业数据安全漏洞风险,发现IT精通的CEO将相关技术视为优先事项,CFO侧重控制投资,CIO是保障IT系统的关键高管。
Data security breaches (DSBs) are increasing investor and regulator pressure on firms to improve their IT governance (ITG) in an effort to mitigate the related risk. We argue that DSB risk cannot be mitigated by one executive alone, but, rather, is a shared leadership responsibility of the top management team (TMT) (i.e., Chief Executive Officer [CEO], Chief Financial Officer [CFO], and Chief Information Officer [CIO]). Our results suggest that IT-savvy CEOs see technologies related to mitigating DSBs as a top-three most important type of digital methodology for their firm. Similarly, the results related to CFOs with IT expertise single out the critical investment in controls designed to prevent DSBs. Our strong findings for CIOs on the TMT add to the related guidance from COBIT 5 for information security and consistently suggest that they are the key executive for securing IT systems. Finally, our granular explanation of each executive’s DSB-related responsibility could potentially provide firms the start of a governance-led roadmap for compliance to the Securities and Exchange Commission’s and Justice Department’s cyber regulations.