IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Splunk: Don't make CISOs scapegoats for data breaches

Monzy Merza says security is everybody's problem

Data encryption

CISOs and CIOs do not deserve to be fired for data breaches, according to the head of security at analytics firm Splunk.

Instead, chief security evangelist Monzy Merza believes data security is everybody's responsibility, warning that making scapegoats out of security experts damages morale.

He told IT Pro: "When the CISO is fired, what do you think this does to the security team? Firing their leadership is not a way to maintain talent and morale on that team.

"These guys defend things day in, day out and something gets through, for any number of reasons. I'm not saying everyone's an angel and they all do perfect jobs, but maybe they have organisational constraints."

Recent data breaches have seen CIOs, CISOs and CEOs leave their companies in the aftermaths, as media scrutiny ramps up and revelations about the hacks stream out over the following weeks and months.

High profile examples include a suspected Chinese hack which exposed the details of millions of US government employees and their families from the Office of Personnel Management (OPM) over the summer.

Just yesterday the department admitted that the hackers also got away with 5.6 million employees' fingerprints, but the division's former director, Katherine Archuleta, resigned in July over the incident, faced with growing pressure from politicians.

Noel Biderman, ex-CEO of infidelity dating site Ashley Madison, also resigned last month over a breach of 33 million users' details.

And CIO Beth Jacob last year quit US retailer Target - a Splunk customer - over a hack that focused on its point-of-sales systems in 2013.

Security is everybody's concern

But Splunk's Merza argued that security is not only the responsibility of the security team, but the entire organisation, and people should not idolise their security team as if it does something incomprehensible to them.

He said: "We have to look at it in a broader sense. Where it works really well is where organisations don't make security teams these high gods, and they work together so if there's a vulnerability that's discovered, they work together to try and figure that out."

Using the example of Apache web log data, he argued that piece of information is important to the entire company - security may find evidence of a SQL injection attack in there, IT can look at it and see how well transactions are running on their servers, and analytics or finance can see what people are buying.

"It's about how do we look at that information, and really it's going to come from understanding the value that's there and we keep coming at it from different ways," Merza said.

"Thereis this notion that we are all responsible for the success of our business, of our mission.If we all take ownership of that, part of maintaining that is to say we're going to operate in a secure fashion and we're going to take action and be responsible."

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022