You can be on Entrepreneur’s cover!

Why CEOs Should Absolutely Concern Themselves With Cloud Security Cloud security is no longer just the responsibility of your IT department. It needs to be a C-Suite issue because of the effect it can have on both executives and the company as a whole.

By Stu Sjouwerman

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

When you think of cybersecurity, you probably think of your IT team or highly specialized Infosec professionals, not yourself as a CEO. However, the reality today is that cybersecurity absolutely has to be front and center for C-level execs, and that failure to make it your issue brings substantial risk to your organization. To set your company up for success, it's best to take the attitude of "full personal responsibility" for your cloud security setup and operation.

The state of business demands that you step up to the plate

Probably the biggest reason cybersecurity needs to be elevated to one of your top responsibilities is simply that, as the CEO, you call most of the shots surrounding how the business is going to operate. To lead anyone else, you have to have a crystal-clear big picture of how everything interconnects and what ramifications threats in one area have to other areas. Additionally, it's up to you to hire and oversee people who truly understand servers and cloud security and who can build a secure infrastructure and applications.

That said, virtually all businesses today are "digital" businesses in some sense, if that means having a website, an app, processing credit cards with point of sale readers or using the "net for your social media marketing. All of these things can be potential points of entry for hackers, who happily take advantage of any vulnerability they can find. And with more people working remotely and generally enjoying a more mobile lifestyle, the risks of cloud computing are here to stay.

Put another way, the more we transition to digital, the bigger the attack surface for cyber criminals. That's why data breaches and cyber attacks are happening with increasing frequency. Those breaches can have a huge financial implication for your company, and it's only getting more expensive. The total expense to recover from a typical ransomware attack, for instance, was $761,000 in 2020. In just a year, that cost more than doubled to an average of $1.8 million, according to a report from cybersecurity firm Sophos. The damage to your organization's reputation can be even worse and linger for years after you're back in the black.

This is why you as a CEO cannot afford to be digitally illiterate. Right from the get-go, you need to be cognizant of cloud risks, take a firm "not on my watch" stance and have the perspective of security by design. For example, is your architecture designed properly? Do you have enough expert people to maintain your systems? Are you complying with current guidelines or regulations? That's all ultimately under your purview.

Related: The Role of Shared Responsibility Model in Ensuring Data Security in Cloud Computing

Two tips to get you started

One of the biggest requirements to protect your business in the digital age is to learn the language of the industry. That doesn't mean just the latest lingo. It means understanding what's trending in terms of how cloud architecture works, the pitfalls of different approaches and different types of technologies people are utilizing. And with Amazon being such a huge commercial player, it means staying on top of what's going on with Amazon Web Services, too.

Secondly, rethink your organizational structure in terms of your technology and security. In the past, it made sense to have your CISO report to your CFO. But that approach doesn't work with the line of thinking that, today, IT security is the CEO's responsibility. Switch gears and have your CISO report directly to you so it's easier to stay up to date, learn and make pivots. Because security is such a large part of the organization now, it makes a lot of sense to spend that personal time with the CISO, building trust and making sure they're keeping everything both as secure and efficient as possible.

Related: 3 Tips for Keeping Your Startup Dream Alive From a 5-Time Founder

If you want to lead, commit to leading cloud security, too

The use of the cloud is only accelerating. So take the bull by the horns. Don't wait or expect someone else to tackle your cloud security. The more you embrace your role as a technology leader, the more competitively you can operate in a world where digital is king.

Stu Sjouwerman

Founder and CEO, KnowBe4

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which offers a platform for security awareness training and simulated phishing.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

James Clear Explains Why the 'Two Minute Rule' Is the Key to Long-Term Habit Building

The hardest step is usually the first one, he says. So make it short.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business Solutions

Keep Inspiration in Reach with Nix Color Sensor, Now $60 for One Week Only

Scan any surface and get a detailed report of the color you're looking for.


Look Sharp with This Gillette Body Razor Set for $15

This Gillette Body Razor comes with nine refill blade cartridges and is on sale for $14.99 (reg. $24) for a limited time only.

Social Media

How To Start a Youtube Channel: Step-by-Step Guide

YouTube can be a valuable way to grow your audience. If you're ready to create content, read more about starting a business YouTube Channel.

Business Solutions

Set Your Team up for Success and Let Them Browse the Internet Faster

With ad blocking, Control D is $35 through April 21.