In-depth

Splunk: Don't make CISOs scapegoats for data breaches

Monzy Merza says security is everybody's problem

Data encryption

CISOs and CIOs do not deserve to be fired for data breaches, according to the head of security at analytics firm Splunk.

Instead, chief security evangelist Monzy Merza believes data security is everybody's responsibility, warning that making scapegoats out of security experts damages morale.

He told IT Pro: "When the CISO is fired, what do you think this does to the security team? Firing their leadership is not a way to maintain talent and morale on that team.

"These guys defend things day in, day out and something gets through, for any number of reasons. I'm not saying everyone's an angel and they all do perfect jobs, but maybe they have organisational constraints."

Recent data breaches have seen CIOs, CISOs and CEOs leave their companies in the aftermaths, as media scrutiny ramps up and revelations about the hacks stream out over the following weeks and months.

High profile examples include a suspected Chinese hack which exposed the details of millions of US government employees and their families from the Office of Personnel Management (OPM) over the summer.

Just yesterday the department admitted that the hackers also got away with 5.6 million employees' fingerprints, but the division's former director, Katherine Archuleta, resigned in July over the incident, faced with growing pressure from politicians.

Noel Biderman, ex-CEO of infidelity dating site Ashley Madison, also resigned last month over a breach of 33 million users' details.

And CIO Beth Jacob last year quit US retailer Target - a Splunk customer - over a hack that focused on its point-of-sales systems in 2013.

Security is everybody's concern

But Splunk's Merza argued that security is not only the responsibility of the security team, but the entire organisation, and people should not idolise their security team as if it does something incomprehensible to them.

He said: "We have to look at it in a broader sense. Where it works really well is where organisations don't make security teams these high gods, and they work together so if there's a vulnerability that's discovered, they work together to try and figure that out."

Using the example of Apache web log data, he argued that piece of information is important to the entire company - security may find evidence of a SQL injection attack in there, IT can look at it and see how well transactions are running on their servers, and analytics or finance can see what people are buying.

"It's about how do we look at that information, and really it's going to come from understanding the value that's there and we keep coming at it from different ways," Merza said.

"Thereis this notion that we are all responsible for the success of our business, of our mission.If we all take ownership of that, part of maintaining that is to say we're going to operate in a secure fashion and we're going to take action and be responsible."

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Cyber attacks against organizations increasing as more staff work from home
cyber security

Cyber attacks against organizations increasing as more staff work from home

17 May 2021
What is phishing?
phishing

What is phishing?

17 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021