Good morning. Fortune senior editor at large Geoff Colvin here, filling in for Alan,
For CEOs in eternal combat against cybercriminals—that is, all CEOs—it seems a day that had to come has finally arrived. Being accountable for cyber, erecting the mightiest defenses, trusting fully in world-class experts—none of that is good enough anymore.
So says a new report from ISTARI, a global cybersecurity firm established by Temasek, the Singapore state investment company. The document, “The CEO Report on Cyber Resilience,” was prepared in collaboration with the University of Oxford’s Said Business School.
What strikes me most strongly is the message that CEOs, regardless of their education, must become significantly more cyber-literate, like it or not. They don’t have to go to coding school or learn to banter about post-exascale high-performance computing, but they can’t regard the cyber world as a jungle impenetrable by all except lifelong techies. As the report says, CEOs (and by implication those who report to CEOs) must “move from blind trust to informed trust.” They must understand a new language.
The authors reached their conclusions by conducting 37 interviews with anonymized CEOs of global corporations. Some of their stories are striking. “The CIO came to present at an executive meeting and asked us how many servers we thought the company had,” one CEO said. “The lowest estimate in the room was four. The highest was 250. The reality was more than 4,000. That was an incentive for all of us to understand more. We realized we spend millions each year on this technology but don’t really understand it.”
The researchers also discovered, surprisingly, that many CEOs still rely far too heavily on prevention. It’s surprising because cybersecurity experts have been telling executives for years there are just two kinds of companies: those that know they’ve been broken into and those that don’t know. A U.S. CEO told the researchers, “We were all into prevention and not enough into resilience, and that’s the mistake we made.”
A European CEO related his painfully-won lesson: “I learned the clear truth that all CEOs must know: You can never stop a cyberattack, you just do your best to limit the damage. The idea that you could ever actually stop it is nonsense because sooner or later, something will get through.” Not a cheery message, but then we’re talking about dealing with criminals. This new report is a CEO-level guide to having more successes and fewer mistakes in dealing with a hard 21st-century reality.
Geoff Colvin
geoff.colvin@fortune.com
TOP NEWS
Turnaround plan
Foot Locker's new CEO Mary Dillon unveiled a turnaround plan that's intended to increase sales for the shoe retailer 9% above the $8.7 billion in revenue it reported last fiscal year. To reach that goal, Dillon, previously CEO of Ulta, is aiming to open stores away from shopping malls, promote a loyalty program, and invest in technology. Bloomberg
More salary transparency
Employers in the U.S. are increasingly posting salary ranges for job openings, even in states where it's not legally required. Advocates say this benefits women and people of color by shifting the responsibility of determining fair compensation to the employer. The practice allows job seekers to better understand their worth and lets employers attract top talent by being more competitive with their compensation packages. The Associated Press
TikTok testimony
TikTok CEO Shou Zi Chew is set to testify before Congress on Thursday where he's likely to get a frosty reception from lawmakers who consider the super-popular app a national security risk. Ahead of his testimony, TikTok parent ByteDance published an update to its corporate structure for the first time in three years, mapping out an organization that seems to conflict with Congress's interpretation of how the company operates.
AROUND THE WATERCOOLER
Here’s what 3 high-profile CFOs learned from their first jobs by Chris Morris
Silicon Valley Bank’s collapse almost led to payroll disasters. But it offers founders an important finance lesson by Paolo Confino
Gen Zers are now ‘polyworking’ because holding down just one job doesn’t pay enough or give them the flexibility they want by Orianna Rosa Royle
Finance YouTubers who promoted FTX have now been handed a $1 billion lawsuit by Eleanor Pringle
This edition of CEO Daily was edited by Jackson Fordyce.
This is the web version of CEO Daily, a newsletter of must-read insights from Fortune CEO Alan Murray. Sign up to get it delivered free to your inbox.
