CEO Topic: Practical Methods of Managing Information Security (InfoSec)

Author: Will Jan

Date: August 23, 2017


Cyberattacks are costly to corporations in terms of lost revenue, market capital, and brand capital. Notable cyberattacks — like the breach at Yahoo! that topped one billion account holders, and Equifax’s data heist that affected nearly 200 million US consumers — are calling into question how consumers can trust their sensitive data to information businesses that need more protection.

Given new data regulations and constant headlines related to data breaches and misuse, public expectations related to information and data security are higher than ever. In addition, these tasks are no longer the domain of the CIO and chief information security officer (CISO). The public sees them as a function of the highest-ranking member of the executive team — the CEO — and as requiring support from the entire organization. This is new territory for CEOs, and their jobs and personal and corporate reputation are at stake.

This report serves as a practical guide to staying in front of the information security (InfoSec) issue, from building awareness to practical execution methods. It not only identifies the potential expectation gaps between customers and companies on governance and security measures but also those between staff and the executive team concerning the implementation of those measures. The analysis concludes with recommendations tailored to company executives and their information management staff for effective information governance and security.


This report draws extensively from Outsell’s unique industry metrics and analytics, including our proprietary database of over 9,000 companies. We augmented this data with industry and executive surveys and interviews on information and data security, which collectively garnered 1,023 responses. We surveyed 1,013 professionals from all verticals — who represent consumers with personal data, and are henceforth collectively referred to as “the public” — and interviewed 10 CEOs and CISOs (or equivalent) from the data and information industry.

The goal of this mix was to ensure that we captured feedback not only from those generating personal data but also those who have the power to govern its use. Our choice of professionals to represent the public means that they can share their perspectives on the importance of personal data security (as consumers) and expectations on how such data needs to be handled in the workplace (as professionals).

The select executives interviewed are from leading companies housing large volumes of both corporate and consumer data. These companies serve as an ideal industry benchmark of how data is protected, governed, and utilized.

The comparison between these two distinct populations serves to identify relevant gaps in expectations regarding data security.

Finally, we coupled our original research with secondary research looking at best practices in this area to augment the practices we determined from industry leaders in information services. This, combined with Outsell’s daily contact with players in the information industry, and the deep industry experience of our analytical staff, helped form our analysis and conclusions.

Outsell Inc. CEO Topic: Practical Methods of Managing Information Security (InfoSec)


Why this Topic


Key Findings

Public Perception

Executive Perception


Best Practices in Motion

Essential Actions

Figures and Tables

Figure 1: Contract Analytics Companies at a Glance

Management Consulting Company?

Investment levels are adjusted accordingly for management consulting companies. Please contact to have your order fulfilled.


There are no reviews yet.

Be the first to review “CEO Topic: Practical Methods of Managing Information Security (InfoSec)”

Your email address will not be published. Required fields are marked *

Post comment