Also: Foot Locker turnaround, salary transparency, TikTok testimony.
Good morning. Fortune senior editor at large Geoff Colvin here, filling in for Alan,
For CEOs in eternal combat against cybercriminals—that is, all CEOs—it seems a day that had to come has finally arrived. Being accountable for cyber, erecting the mightiest defenses, trusting fully in world-class experts—none of that is good enough anymore.
So says a new report from ISTARI, a global cybersecurity firm established by Temasek, the Singapore state investment company. The document, “The CEO Report on Cyber Resilience,” was prepared in collaboration with the University of Oxford’s Said Business School.
What strikes me most strongly is the message that CEOs, regardless of their education, must become significantly more cyber-literate, like it or not. They don’t have to go to coding school or learn to banter about post-exascale high-performance computing, but they can’t regard the cyber world as a jungle impenetrable by all except lifelong techies. As the report says, CEOs (and by implication those who report to CEOs) must “move from blind trust to informed trust.” They must understand a new language.
The authors reached their conclusions by conducting 37 interviews with anonymized CEOs of global corporations. Some of their stories are striking. “The CIO came to present at an executive meeting and asked us how many servers we thought the company had,” one CEO said. “The lowest estimate in the room was four. The highest was 250. The reality was more than 4,000. That was an incentive for all of us to understand more. We realized we spend millions each year on this technology but don’t really understand it.”
The researchers also discovered, surprisingly, that many CEOs still rely far too heavily on prevention. It’s surprising because cybersecurity experts have been telling executives for years there are just two kinds of companies: those that know they’ve been broken into and those that don’t know. A U.S. CEO told the researchers, “We were all into prevention and not enough into resilience, and that’s the mistake we made.”
A European CEO related his painfully-won lesson: “I learned the clear truth that all CEOs must know: You can never stop a cyberattack, you just do your best to limit the damage. The idea that you could ever actually stop it is nonsense because sooner or later, something will get through.” Not a cheery message, but then we’re talking about dealing with criminals. This new report is a CEO-level guide to having more successes and fewer mistakes in dealing with a hard 21st-century reality.
Geoff Colvin
geoff.colvin@fortune.com
|
|
|
Turnaround plan
Foot Locker's new CEO Mary Dillon unveiled a turnaround plan that's intended to increase sales for the shoe retailer 9% above the $8.7 billion in revenue it reported last fiscal year. To reach that goal, Dillon, previously CEO of Ulta, is aiming to open stores away from shopping malls, promote a loyalty program, and invest in technology. Bloomberg
More salary transparency
Employers in the U.S. are increasingly posting salary ranges for job openings, even in states where it's not legally required. Advocates say this benefits women and people of color by shifting the responsibility of determining fair compensation to the employer. The practice allows job seekers to better understand their worth and lets employers attract top talent by being more competitive with their compensation packages. The Associated Press
TikTok testimony
TikTok CEO Shou Zi Chew is set to testify before Congress on Thursday where he's likely to get a frosty reception from lawmakers who consider the super-popular app a national security risk. Ahead of his testimony, TikTok parent ByteDance published an update to its corporate structure for the first time in three years, mapping out an organization that seems to conflict with Congress's interpretation of how the company operates.
|
|
|
Rethinking how tech trends shape governance and oversight According to Deloitte’s Tech Trends report, there are six macro-level forces that can help serve as a guidepost for how trends are shaping stakeholder expectations. How might board members draw on these drivers to inform the governance process, help mitigate risk and enhance a company’s competitive advantage? Read more.
|
|
|
Check Out What's New From Fortune! |
|
|
Thanks for reading. If you liked this email, pay it forward. Share it with someone you know. Did someone share this with you? Sign up here. For previous editions, click here.
To view all of Fortune's newsletters on the latest in business, go here.
|
|
|
|
 |
|
