Embark on a corporate career of any kind and you’ll quickly become familiar with an acronym you won’t find in any company handbook. CYA stands for “cover your behind,” and the premise is simply this. Always make sure you’ve either sufficiently assumed responsibility or passed the buck to someone else with appropriate documentation. If the manure hits the spinning blades, your career will still be intact. For every Chief Technology Officer (CTO), there’s one domain you absolutely need to exercise some CYA over.
Let’s say you’re the CTO of a company that just experienced a major disruptive cybersecurity breach. It’s all over the morning news as you prepare an email to the CEO and Board of Directors which goes something like this. “I’ve instructed the team to follow the business continuity plan we all signed off on, and I’ve escalated the issue to our vendor point of contact for a potential resolution and root cause analysis.” The simplicity of this response only works if one large vendor is responsible for ensuring all your firm’s primary cybersecurity needs. And today, there are five pure play cybersecurity companies leading the pack, at least when it comes to size.
Leaders Will Keep Leading
Remember that whole CYA thing? What do you think happens if you have three cybersecurity vendors? They’ll immediately start pointing f