The role of project management in data security breaches

According to a report put out by the Identity Theft Research Center, the number of U.S. data breaches recorded in 2014 reached an all-time high of 783.

No industry is safe from security breaches, with business sectors, medical/health care companies, education, and government institutions all being hacked. In the wake of these attacks, more companies are starting to understand the importance of establishing risk management processes and using project managers to handle the threats.

IT project managers: changing roles

Even though 2014 was labeled as the “year of the data breach,” hacker sophistication continues to rise and no company is completely safe from a cyber attack. Almost 90 percent of CIOs and top IT professionals agreed that security was their top concern; however, only 21% of those surveyed felt comfortable with the security systems in place.

Project managers will be expected to understand new risk management systems and align their teams, systems, and vendors under their company’s security goals. In fact, companies are hiring specific cybersecurity project managers to keep their networks safe from vulnerabilities and breaches. These PMs are charged with planning and implementing security measures on all systems. Not only do these managers have to predict risks, they then have to implement systemic changes to mitigate these risks.

Project managers should be concerned with the ever-present threat of security breaches for the following reasons:

• Your defenses will be hacked. It’s not a matter of if your security defenses will be hacked, it’s when. As IT spending increases to combat security breaches, project managers will not only be pulled into projects to build better, more robust security measures, but will also be relied on to regulate access to information for staff, train employees under new security systems, and forecast threats to systems before they attack.
• Data storage and project files are complex—and digital. All projects require storage and organization of information and data, and there is always the potential for this data to fall into the hands of the wrong person(s). PMs will need to work closely with the right people within the company to ensure that the information storage and organization processes are secure from cyber attacks. Likewise, knowing who on the project team has access to information is vital to protecting company assets.
• It will save time and money. Understanding the potential for security breaches ensures that the right tools and tactics are in place at the onset of the project. Encryption systems, strategies for keeping tabs on employees using company software and tools, assessing pros/cons of cloud-based systems, etc., are all strategies to use at the onset of a project to be proactive about project organization. This provides a potential to save money up front rather than shell out big dollars when needing to react to security breaches.

Skills needed to manage cybersecurity risks

Breaches in security are not only shaping the roles of project managers but are impacting projects as a whole. Over 50% of IT decision makers have paused or completely abandoned a project due to IT security worries. The following skills are necessary in order to keep cybersecurity top of mind and mitigate a breach:

• Align strategies. It is important that current business needs, current project management needs, and potential security issues are assessed cohesively. Strategic alignment of these needs can decrease the chance of risks.
• Understand complex technology enterprise systems. The more you understand how the systems work, the better you can prepare your team and the more successful your projects will be.
• Communicate effectively to technology stakeholders. When you need to communicate specific, technical information that is time-sensitive in order to combat security breaches, it helps to understand the ins and outs of the communications systems within an organization.
• Shift priorities. As mentioned, projects can fall to the wayside due to security breaches. Great project managers will know how to mitigate risks at the onset, to shift gears based on security threats, or to forgo projects that may implicate the company’s security.

An MS in Information Technology, Project Management degree provides both a background in information technology and understanding of the current state of technology, preparing project management professionals to combat future data threats and security issues within organizations of all types and sizes.