Most high-growth companies have technical debt: work owed to IT or software development due to shortcuts that advance the business. That’s natural. But what if the debt carries security risks? Orrick capital markets partner Jamie Evans sat down with Kroll CISO David Dunn to discuss how companies and investment bankers preparing for an IPO can address the risks.
The Takeaways
For the Investment Banking Team:
Determine security ownership. Take a step back See more +
Most high-growth companies have technical debt: work owed to IT or software development due to shortcuts that advance the business. That’s natural. But what if the debt carries security risks? Orrick capital markets partner Jamie Evans sat down with Kroll CISO David Dunn to discuss how companies and investment bankers preparing for an IPO can address the risks.
The Takeaways
For the Investment Banking Team:
Determine security ownership. Take a step back and start the conversation by assessing who owns security from an operations, product and regulatory compliance perspective. CISO responsibilities are varied and continue to expand, so dive in to learn the company’s current approach.
Consider security not only for the network but for product. Customers are hyper-focused on product security and how the responsibility is managed within an organization. It may be one of the most important indicators of value and risk for a business.
For the Late-Stage Company CISO:
Sync with your teams. Ask your infrastructure, product and compliance teams early and often: What’s keeping you up at night? Use this exercise to build trust and identify areas for focus and improvement.
Demonstrate an effective record. If security issues arise, Dunn says the No. 1 way CISOs can instill confidence is through a record of issue-spotting and process execution.
For more on due diligence considerations, tune in to The Evolving Role of the CISO: From evangelizing product to collaborating with the C-suite. See less -
