Back in March, IT Business Edge published an article titled What’s Behind the C-Suite Disconnect on Risk.  This article references Protiviti’s Executive Perspectives on Top Risks for 2015 study, but it also asks a very important question: When does an IT risk (specifically cybersecurity) become strategic?  All to often, IT risks are viewed as tactical issues that need to be addressed rather than a strategic impact to the organization.  It often isn’t until a major news story breaks (i.e. natural disaster, major security breach) that IT risks raise to a strategic level.

What do you think of this article?  Why else do you think the C-Suite may not have a consistent risk perspective?

Chief Audit ExecutiveChief Executive OfficerChief Financial OfficerCIOCISOInformation SecurityInformation TechnologyIT GovernanceIT RiskIT Strategy