“The proof is in the pudding,” goes the old saying.
When it comes to organizational changes companies make following a data breach, If the proof is in the pudding, then the verdict is clear: companies should hire a Chief Information Security Officer (CISO) before they have a data breach.
Why?
According to this article in USA Today, companies usually tend hire CISOs after they have had a data breach. After?
Yes. They do this because they do not want to have another data breach and, after feeling the sting from the first, they are finally willing to invest more resources so that they do not have another data breach.
There is another old saying to remember: “Wise men learn from their mistakes, but wiser men learn from the mistakes of others.” (author unknown)
As your company’s leader, which will you be?