Did LinkedIn’s Lack of a CISO Lead to Breach?

Shocking … how can you be an online digital technology company and NOT have a CSO or CISO? We can see if you were an offline company and had delegated security responsibility to to some other C-level person or a VP or two. If your network gets compromised then at least you might still be able to provide your product or service manually. But if your company’s primary revenue is based on an ad- and subscription-based website and you don’t have infosec representation at the C-level, you are definitely starting off on the wrong foot. Oh and to answer that question … yes, we think so.

via InfoRiskToday.com

LinkedIn, the social network that’s investigating the pilfering of what could be more than 6.5 million of its members’ hashed passwords, has neither a chief information officer nor chief information security officer.

“We don’t currently have executives with those specific titles, but David Henke, senior vice president, operations, oversees the functions,” a LinkedIn spokesperson wrote in response to my inquiry.

LinkedIn isn’t the first technology company to experience a breach that has lacked a specific senior executive responsible for assuring the security of its data and systems. Two of the most prominent breaches of 2011 – to security provider RSA and consumer electronics giant Sony – occurred when neither of those companies had a CISO. Both, however, employed a CIO at the time.

Continued here.

#####

LinkedIn has suffered a security breach with no CSO/CISO. Coincidence, or does this reaffirm the need for security representation at the C-level? Today’s post pic is from CarouselIndustries.com.

6 comments for “Did LinkedIn’s Lack of a CISO Lead to Breach?

  1. June 10, 2012 at 1:50 pm

    Shocking … how can you be an online digital technology company and NOT have a CSO or CISO? We can see if you wer… http://t.co/1Ln9uKnd

  2. June 10, 2012 at 2:56 pm

    BLOGGED: Did LinkedIn’s Lack of a CISO Lead to Breach? http://t.co/iAwPgtvy

  3. June 10, 2012 at 4:46 pm

    Did LinkedIn’s lack of a CISO contribute to their recent breach? http://t.co/e8m30XfW

  4. June 10, 2012 at 6:46 pm

    How could an all online company not have CISO? Cause of breach? In other news their stock went up 2.5%. http://t.co/e8m30XfW

  5. June 10, 2012 at 8:42 pm

    BLOGGED: Did LinkedIn’s Lack of a CISO Lead to Breach? http://t.co/e8m30XfW //In case U missed.

  6. June 10, 2012 at 11:53 pm

    BLOGGED: Did LinkedIn’s Lack of a CISO Lead to Breach? http://t.co/e8m30XfW

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.