It’s unsettling but true: most enterprises – regardless of size – are under constant cyber attack. Even back in 2012, Gartner Research said: “There is widespread agreement that advanced attacks are bypassing our traditional signature-based security controls and persisting undetected on our systems for extended periods of time. The threat is real. You are compromised.” A senior executive from one of ROI’s clients sums it up best: “There are just two types of companies today; those that have been cyber attacked and those that are being attacked now but don’t know it yet.”

As a Middle Market CEO, should you suspect or anticipate a data breach, you may want to explore adding a CISO (Chief Information Security Officer) to your executive leadership team. The CISO performs a wide variety of duties including establishing, implementing, monitoring, and enforcing information security standards enterprise-wide. In conjunction with the IT team, your CISO would create and maintain information security strategies, policies, and on-going risk assessments for the creation and roll-out of security awareness and training programs.

If you don’t have that role covered, here’s what could happen with a malicious cyber attack:

  1. Loss Of Data Is Just The Beginning. When cybercriminals break through your defenses, you risk the loss of intellectual property, customer records, as well as confidential corporate strategies. Any of those losses could significantly weaken or paralyze you competitively, not to mention subject your organization to extended litigation, judgments, fines, and likely a loss of public and shareholder confidence.
  2. Data Breach = Lost Productivity. If you discover a breach after the fact, your entire IT department is going to be in damage control mode, scrambling to assess where other gaps may be while simultaneously rebuilding corrupted systems. The fact is you can’t conduct business if you can’t be assured your data is secure.
  3. Under Attack? Budget Accordingly! The average cost of a data breach was $5.9 million in 2014, according to a joint study from IBM and the Ponemon Institute. In their report, “2014 Cost of Data Breach Study: United States,” they found most breaches were caused by malicious or criminal attacks (44%), followed by employee negligence (31%) and system glitches (25%).

Attacks by hackers using complex, sophisticated methodologies have become increasingly more effective in their efforts to compromise your data and sabotage your brand. And should either be compromised, your bottom line won’t be far behind. For some CEOs, that’s enough justification to add a CISO to their management team. How are you protecting your data and intellectual property?