APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Compliance
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    Editor's Pick (1 - 4 of 8)
    left
    Welcoming Big Data Technology amidst Changes

    Darren Cockrel, CIO, Coyote Logistics

    Leveraging Compliance to Your Advantage

    Mark Bloom, Global CIO, Aegon

    Demystifying the Role of IT in Millennial Organizations

    Jeff Fithian, VP, Strategic Initiatives and CIO, Dynamic Materials Corporation

    Lessons Learned from a CIO

    John Miller, Vice President and CIO, American Textile Company

    New Hr Capabilities To Face Evolving Technologies

    Anti Deisnasari, Director Of Compliance, Seabank Indonesia

    Strengthening The Compliance Fortress In The Banking Sector

    Chuan Lim Ang, Managing Director And Sg Head Of Compliance, Cimb

    Navigating Legal Challenges By Adapting To Technological Shifts

    Valerie Feria Amante, Chief Legal, Ethics & Compliance Officer, Jollibee Group Of Companies

    Compliance In The Medtech Industry

    Tomoko Chantelle Kondo, Head Of Legal & Compliance, Arthrex Japan

    right

    Productivity and Security- Can you ever have both?

    Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Tweet
    content-image

    Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Risk. It’s a four-letter word in more ways than one. Fear of risk makes us wait, put things on hold, and potentially cost us something: an opportunity, a competitive edge or an account.

    Sometimes it’s not only worth it to take a risk, it’s necessary. Businesses may need to change the way they do business, and that change may require a certain amount of risk.

    What many companies don’t believe is that it’s possible to do both—be productive and maintain security.

    Enterprise Risk Management

    The cyber security world is fraught with risk. And while we like to feel secure the fact is, breaches are inevitable. There is no question a security breach can happen to even the most prepared organisation, thanks to savvy, sophisticated threat actors. We develop a new way to protect ourselves and before it’s even in place, some hacker is ahead of the curve with a way to sneak past it. So if you can’t guarantee a breach won’t happen, the best you can hope for is to lessen your exposure to risk. Enterprise risk management is the best way to approach that.

    There are three fairly straightforward steps to managing risk:

    1. Measure

    2. Discuss

    3. Negotiate

    1. Measure: Your first task is to accurately measure your level of vulnerability. Just how much risk are you willing to accept? Zero risk is probably not an option for most of us. Just having a computer or a mobile device means there’s a potential for a breach. So first determine how risky it is, and then decide whether a new way of doing business is worth that risk. Say you’re considering whether to allow your employees to use a cloud application to store and share files. Is the need for them to share instantly more important than the risk of opening your network up to possible malware-infected documents?

    2. Discuss: It’s important to have buy-in from people across the company. A working team composed of cross-functional representation can do a lot of the legwork on the front end to assess the risk and how it will impact the company’s productivity. A decision to roll out a new HR system may impact finance, or may mean sales people on the road now need mobile access. This team can address the concerns and calculate the risk involved in implementing the new capabilities. Regular meetings are key here, because businesses, and their needs, change–but so does the threat landscape.

    A Security Breach Can Happen To Even The Most Prepared Organisation, Thanks To Savvy, Sophisticated Threat Actors

    Input from various stakeholders ensures you’ve thought of everything before taking an idea to the top-level decision makers.

    3. Negotiate: Consider creating an executive security steering committee. During regular meetings, this team should be updated on where the company currently is security-wise, and discuss security concerns that need to be addressed at the executive level. Sometimes you’re faced with a higher level of risk than you’re used to, and you may get push back from folks who are unwilling to take that leap of faith. If your working team has already discussed the pros and cons and concluded that it’s worth the risk, your executive team has the input they need from across the company to make an informed decision. This team should meet quarterly but may be needed in the meantime if a security need arises. Above all, it is key that this team understand that security is not simply an IT concern–it is an enterprise concern with company-wide implications.

    “The right combination of technology, intelligence and expertise can go a long way to protect your company’s network while keeping your company’s doors open for business”

    Lock the Doors

    While it may sound dramatic, an organisation needs to secure the perimeter before anything else. How secure are your firewalls? When is the last time you updated your anti-virus protection? Regardless of your answer, you probably aren’t doing enough to keep your company secure. Cyber attacks easily bypass traditional signature-based tools, which means you need a security platform that not only works to prevent a breach, but also detects possible attacks and helps you analyze and if necessary, responds.

    The Cloud and mobile devices are hot targets for hackers looking for a way in. The last thing you need is for an employee to potentially bring something into your environment by plugging in their mobile device into your secure network. The bad guys may already be targeting you from outside–don’t make their job easier by having one of your own inadvertently being the malware messenger. Does that mean you shouldn’t adopt a BYOD mentality? Not necessarily. Mobile access is the key to many business needs and can help your employees stay productive. It simply means you need to make sure you’re as protected as possible.

    And if your system gets compromised, you’ll need tools to respond and contain the breach and mitigate loss. These types of tools take time to implement, and your working committee and executive steering committee should discuss these as soon as possible to they’re prepared for the worst. The right combination of technology, intelligence, and expertise can go a long way to managing a compromised network and keeping your company’s doors open.

    Decisions

    Business needs change over time. When you’ve got to decide whether how to meet your changing needs, the decision ultimately comes down to a tradeoff between productivity and security. Things to keep in mind at this stage are the potential business impact, the impact on productivity, whether it will help drive the business or deliver service to a customer. These factors must be taken into account when determining whether to undertake a move that may carry additional risk.

    Other concerns: How important is this change to the company? Is it impeding the business’ operations to keep the status quo? Will this change open your company up to potential data leakage or privacy concerns?

    The bottom line is: you can have a balance between productivity and security. Keeping your company (and your customers) secure cannot mean total lockdown, because no one can do their work. Find a level of risk you’re comfortable with, take the necessary steps to protect yourself as best you can, and have a plan in place to contain a breach in the event it happens. And know that you’ve done everything you can to eliminate one four-letter word from your vocabulary, or at least, to tame it.

    tag

    Enterprise Risk Management

    HR

    Weekly Brief

    loading
    Top 10 Compliance Solutions Providers in APAC - 2025
    ON THE DECK

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Artificial Intelligence - Myths And Truths

    Artificial Intelligence - Myths And Truths

    Geraldo Pereira Junior, Chief Information Officer, Ypê
    Sustainable Future through Innovative Technology Solutions

    Sustainable Future through Innovative Technology Solutions

    Faisal Parvez, Director, BT Business CIO
    The Future Relies on Augmented AI

    The Future Relies on Augmented AI

    Laurent Fresnel, CIO, The Star Entertainment Group
    Digitalization with the use of digital technologies/Improving business through digital technologies

    Digitalization with the use of digital technologies/Improving business through digital technologies

    Wilbertus Darmadi, CIO, Toyota Astra Motor
    How Marco's Pizza Leaned On Technology To Succeed Amid The Pandemic By Quickly Pivoting To Contact-Free Delivery And Curbside Carryout

    How Marco's Pizza Leaned On Technology To Succeed Amid The Pandemic By Quickly Pivoting To Contact-Free Delivery And Curbside Carryout

    Rick Stanbridge, VP & Chief Information Officer, Marco’s Pizza
    Bunnings  Diy Digital Transformation

    Bunnings Diy Digital Transformation

    Leah Balter, Chief Information Officer, Bunnings
    For a Smarter City: Trust the Data, Ignore the Hype

    For a Smarter City: Trust the Data, Ignore the Hype

    Brad Dunkle, Deputy CIO, City of Charlotte
    Smart Community Innovation for the Post Pandemic

    Smart Community Innovation for the Post Pandemic

    Harry Meier, Deputy Cio for Innovation, Department of Innovation and Technology, City of Mesa
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/ciospeaks/productivity-and-security-can-you-ever-have-both-nwid-765.html