Introducing the Role of The Chief Cybercrime Officer

Can the CISO and CCO work in harmony?

By Matt Cable, VP Solutions Architects & MD Europe, Certes Networks

The TalkTalk data breach in 2015 had big repercussions. With the personal details of 157,000 customers accessed, including bank account numbers and sort codes of over 15,000 customers, it certainly was not the largest the industry had seen. However, it resulted in government recommendations that a specific officer should be appointed with day-to-day responsibility for protecting computer systems from cyber attacks.

In most organizations, this responsibility fell to the Chief Information Security Officer (CISO), supported by the CEO, with the main task of strengthening the organization’s cybersecurity capabilities. While the role of the CISO is certainly not new, it has evolved over recent years to keep up with the advancements in the threat landscape. A CISO’s job description is now extremely varied, including managing security operations, cyber risk and cyber intelligence, security architecture, data loss and fraud prevention, program management, identity, and access management and compliance, and governance.

As well as adding to the CISO’s job description, the rise of cybercrime has also put the role under increasing scrutiny. It’s easy to see why, as research shows that most CISOs and the entire C-Suite believe the CISO is ultimately responsible for responding to a data breach on behalf of the organization. With numerous day-to-day responsibilities, many organizations have decided to add another role to the mix to give the CISO a helping hand. This is where the Chief Cybercrime Officer (CCO) comes in.

Say hello to the CCO

The CCO’s role involves ensuring the organization is cyber-ready. They bear the responsibility of mitigating breaches, taking the lead if a breach does occur, and providing the necessary link between the Board and the rest of the company to reduce risk and work cohesively to resolve problems instantaneously. This role should ease the load on the CISO and ensure the organization can get one step ahead of hackers in the cybercrime rate. However, organizations must take into account the need for both the CISO and CCO to work in tandem, which involves ensuring each role is clearly defined and has full support from the Board.

CISO and CCO working together

The CISO and CCO share a common goal of keeping the company’s data safe from cyber threats. Yet, the definition of what each role entails might be different for each organization. While the CCO will be focused on the system architecture, the CISO will be focused on the security of the information within the organization. With this defined, there should be no reason that both roles can’t work collaboratively towards keeping the organization and its data safe.

With both roles working in harmony, the next step that organizations need to take in ensuring the CISO and the CCO have enough influence with the Board to make critical decisions and resolve issues immediately. To do this, the Board should have full visibility of the entire cybersecurity strategy, which should be regularly reviewed and updated in line with new threats and intelligence. From this, the CCO and CISO can be given the responsibility to report and respond to incidents and make rapid decisions on behalf of the business. This is essential as, in the event of a data breach, removing unnecessary authorization steps ensures that the organization can respond quickly and put remediating measures in place to minimize potentially catastrophic repercussions.

Cybersecurity threats are increasing day by day and these threats can’t be ignored. Organizations must consider what the most effective structure is that will enable decisions to be made quickly and that will leave space for both the CISO and CCO to work in tandem.

About the Author

Matt Cable is VP Solutions Architect and MD Europe, Certes Networks. Matt is a Cyber-Security and Cryptography expert with more than 20 years of consultancy experience that covers IT Strategy and Enterprise. Matt can be reached on LinkedIn here – https://www.linkedin.com/in/mattcable72/ – and at our company website www.certesnetworks.com