Skip to content
Menu
rta_logo Executive Management Recruiting Agency
  • About Us
  • Services
    • Risk
    • Compliance
    • Our Markets
  • Our Team
  • Blog
  • Contact Us
  • Candidates
rta_logo Executive Management Recruiting Agency

CyberSecurity – Risk or Compliance Issue?

By mwoodrow on August 30, 2017August 17, 2022

For the past 16 years, I have had the pleasure of watching the risk and compliance professions evolve, stumble, steady, and become a critical mainstream function in financial service firms, as well as multi-nationals and healthcare firms. We have had the great fortune to fill senior risk and compliance roles at top firms including BlackRock, Blue Mountain Capital, Fidelity, Bank of Montreal, Goldman Sachs, GE, Wells Fargo, BP, Protiviti, Blue Shield of California, and Duke Health. It seems to be no coincidence that Risk Talent Associates never received a request for risk or compliance search assistance from Enron, Lehman, Bear Stearns, and certainly not from Bernie Madoff.

What are the biggest risks facing our clients in 2017? Tough question, because particularly in healthcare, where the risks often can involve loss of life, there is a vast shortage of clinically trained risk professionals. But, even with that challenge, the single greatest risk facing firms, our markets, and our way of life is CyberSecurity. Our research shows that most of the Fortune 100 firms appear to be working diligently on this, but then it drops off significantly. The number of posted Chief of Information Security openings far exceed the supply.

Here is what our new SEC Chairman Jay Clayton said in a recent speech on July 12, 2017 at the Economic Club in NYC:

“Speaking more generally, cybersecurity is also an area where coordination is critical. Information sharing and coordination are essential for regulators to address potential cyber threats and respond to a major cyberattack, should one arise. The SEC is therefore working closely with fellow financial regulators to improve our ability to receive critical information and alerts and react to cyber threats…. As a final comment on enforcement, I want to go back to cybersecurity. Public companies have a clear obligation to disclose material information about cyber risks and cyber events. I expect them to take this requirement seriously. I also recognize that the cyber space has many bad actors, including nation states that have resources far beyond anything a single company can muster. Being a victim of a cyber penetration is not, in itself, an excuse. But, I think we need to be cautious about punishing responsible companies who nevertheless are victims of sophisticated cyber penetrations. Said another way, the SEC needs to have a broad perspective and bring proportionality to this area that affects not only investors, companies, and our markets, but our national security and our future.”

Basically, Clayton is saying CyberSecurity is a critical area, and that the SEC needs to support, rather than punish, companies who are diligently working to eliminate and minimize cybersecurity threats. As a board member, you realize that much of your role is ensuring that stakeholders are protected from risks, and that the firm is doing its best to understand and mitigate risks. Where does your firm stand on CyberSecurity? If you don’t know the answer to this, that, in itself, is a risk.

The answer to the question is – CyberSecurity is the most significant risk that most people, and businesses, face. Specifically, CyberSecurity is an operational risk, and until this function becomes more mainstream, and mature, the role should either report to the Chief Risk Officer or to someone else in the CSuite.

Regardless of the reporting structure, frankly, the challenge isn’t simply finding smart IT guys to build systems to outwit the hackers. Hackers, by their nature, will find ways around the systems, or will prey on the weaker systems. Sure, firms need the best and the brightest technical resources. But, the challenge is finding the right people who can can interface between the business and tech – to make sure that customers, employees and shareholders are protected. Even the largest financial services firms in the world are dealing with this same issue.

Do you have senior risk and business people, who are thinking strategically about CyberSecurity risk?

Risk Talent has partnered with leaders in the CyberSecurity consulting industry. If we can make a connection for you, feel free to reach out. And, due to the nature of this beast, our CyberSecurity recruitment services include a pre-search discussion between industry-leading CyberSecurity experts and your management team, to ensure that both the short term CyberSecurity strategy, as well as the search/hiring plan, makes sense.

Category: Blog

Post navigation

Recruiting Exceptional Risk Managers within Healthcare
Finding the Right Fit: Risk Management Recruitment

Related Posts

Risk Management Recruiting Firm Speaks at HedgeWorld Conference

December 20, 2010
Read More

Risk Recruiter Reports Chief Risk Officers in Energy See Total Comp Grow

January 18, 2011
Read More

Salaries Slightly Up for Risk Management Jobs in Energy

January 20, 2011
Read More

Industry Focus

Asset Management

Risk Talent Associates serves asset management firms including traditional asset managers, hedge funds,...

Capital Markets

Risk Talent Associates serves capital markets firms including investment banks, commercial banks, federal...

Global Corporations

Risk Talent Associates serves global corporations, including major corporations as well as their financial...

Healthcare 

Risk Talent serves hospitals, health insurance providers and healthcare organizations with risk and...

Oil/Energy & Renewables

Risk Talent Associates serves energy firms including firms that produce, transport and trade energy....

Risk Consulting

Risk Talent Associates serves risk consulting firms including consulting firms, administrators and ratings...

Software Analytics

Risk Talent Associates serves Software Analytics firms including risk management software developers....

News

  • The Risk Recruitment Process: A Step-by-Step Guide for Corporate Recruiters
    The risk recruitment process is a complex and critical endeavor for corporate recruiters.  With the growing importance...
  • Finding the Right Fit: Risk Management Recruitment
    Risk management is an essential part of any organization, but finding the right risk management professional can...
  • CyberSecurity – Risk or Compliance Issue?
    For the past 16 years, I have had the pleasure of watching the risk and compliance professions...
  • Recruiting Exceptional Risk Managers within Healthcare
    At Risk Talent, www.risktalent.com, we have seen a significant uptick in the number of risk professionals required...
  • Impact of Trump Victory on the Risk Management Profession
    Everyone is trying to figure out – what happens now?  For the 7.4 billion people in our...

Pages

About Us

Archives

  • March 2023
  • August 2017
  • July 2017
  • November 2016
  • August 2014
  • July 2014
  • March 2013
  • January 2013
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • June 2010
  • January 2010

Categories

  • Blog (49)
  • healthcare risk (1)
  • PCAOB (1)
  • risk (3)
  • Trump risk (1)
  • volcker rule (1)
Phone: 312-940-7180

MARKET RISK | CREDIT RISK | OPERATIONAL RISK | FINANCIAL COMPLIANCE | RISK TECHNOLOGY | QUANTITATIVE FINANCE | JOBS

  • Home
  • About Us
  • Our Markets
  • Our Team
  • Risk Insights
  • Salary Surveys
  • Placements
  • News
  • Contact Us
  • Links
©2023 Executive Management Recruiting Agency