Finding The Hidden InfoSec Story

The CSO, the CSO and the CFO…

Photo Credit: FormerWMDriver via Compfight cc

In case you haven’t heard, there’s a new CSO in town, but for this CSO, the ‘S’ doesn’t stand for ‘Security’, it stands for ‘Sustainability’, and it turns out that these two folks have a lot more in common than just the same three letter acronym.

I was reading this interesting blog post explaining how Chief Sustainability Officers need to get better at talking the language of the CFO if they are to be successful in their organisations. Sound familiar? But the parallels don’t stop there, here are a few more…

–       Sustainability is moving from a ‘check box’ regulatory issue, seen as a tax on the business, to a vehicle for driving business efficiency and bottom line profitability.
–       Once sidelined as a ‘part-time’ role, its importance in driving shareholder value is driving the position up to the board table.
–       Customers are demanding more from businesses that serve them. They want to be assured that organisations are acting responsibly with the assets that they own, process and deliver, and are voting with their feet when these assets are seen to be exploited, wasted or inappropriately disposed of
–       Risk management is at the heart of a successful strategy. Quantifying and articulating that risk in a way such the organisation can understand, and offering measurable strategies to mitigate that risk, are essential.
–       Sustainability is perceived as a competitive advantage, but communicating and quantifying that can be difficult.

As in the world of security, numerous software platforms and data sets are available for organisations to build, model and compare the impact of different strategic decisions, and to quantify associated risks.

I begin to wonder if anyone has ever explored a correlation between the most environmentally responsible businesses and those considered leaders in Information Security? Could the analogy run deeper than it first appears?

Perhaps the CSO and the CSO should go get a beer and compare notes and develop joint strategies for handling the board . Looks to me like they could have a lot in common…

Author: Andrew Moloney

Share This Post On