Andrew Mpofu, SAPOAndrew Mpofu, SAPO


There are two categories of company executives; those who are paying diligent attention to company matters and those who are completely not doing so.

But, only a quarter of the diligent executives are paying the right attention to IT matters, including .

The reason IT is not given the right priority by three-quarters of diligent executives has to do with timing and educational background of current board members.

Most people at executive level are predominantly of accounting and other businessrelated backgrounds. They grew up in a time when computerisation was in its infancy, and the most important thing to this generation is that computerisation generally quickens processes. They are still far removed from the concept of fraud and theft via technology, and many view computer processing as a trustworthy activity. They think once data is in the computer, we can relax and enjoy effi cient IT processing.

This situation will be remedied once the current tech-savvy generation reach executive company positions. Then, there will be a shift in company executives appreciating that confidentiality, integrity and non-repudiation are assertions that need to be protected as much as keeping the cheque book locked away in the traditional paper processing, which is what the current generation grew up with.

Since the evolution of IT, we moved from mainframes to standalone desktops, networked private LANs, the Internet, cloud computing and virtualisation. The world has become a heavily populated high-density digital township riddled with cyber terrorism. The malicious community is as busy developing and complicating its devastating nefarious tactics and sometimes arguably more than the defensive community.

Security is not a discretional budget item, it should be correctly viewed as an input cost to doing business. Companies that recognise the importance of a CISO as a link between business and IT are doing the right thing. The of IT systems has a huge bearing on the brand protection and the implied charisma to retain and draw new clients.

About the author: is the internal audit manager at SA Post Office.