Report: IT managers not best leaders in breach crisis
It's the business leaders who typically make all the big decisions affecting the whole company, said Bill Stewart, executive vice president at Booz Allen Hamilton.
"In a crisis, it doesn't work that way," he said. "The roles get flipped."
But a technology manager is going to focus on the technology -- on fixing the things that are broken and getting the adversary out of the systems.
[ ALSO: 5 steps to take when a data breach hits ]
But crisis management also involves legal issues, crisis communications, and other strategic decisions, that an IT manager might be unprepared for, or not have time to deal with.
In addition, technological solutions may sometimes be in conflict with what's best for a company as a whole.
"They may have to shut the systems down, reconfigure things, and do other things that will affect the business," Stewart said. "And they might not be in a situation where they understand the broader business objectives. Having someone who understands the broader business, helps them make better decisions."
However, it may not make good financial sense for a company to have a full specialized crisis management team standing by at all times, ready to jump into action.
"There's a whole suite of things that you may need, depending on the type of crisis and the scenario that you're dealing with," he said.
It makes more sense for a company to outsource a lot of this work, but Stewart urged companies to set up the plan, and find the right partners, well ahead of time.
"If you wait until you're in a crisis it's too late," he said. "You have to do a lot of research, and you lose a lot of time there, then you have to get people in, and when you get people in, they have to learn the company and that wastes a lot of time."
The looming Internet of Things
Another major change Booz Allen focused on in the report is the coming Internet of Things.
The combination of an increasing IP address space and falling technology prices, means that a networked devices will soon be showing up everywhere.
The number of cyber breaches occurring now will seem small in comparison.
"The Internet of Things is going to change the scale of things drastically," Stewart said. "The exposure is going to be much greater."
The problem is that the ordinary way of doing things puts security last, he said.
"Our tendency in developing IT infrastructure has been to build it so that it works as efficiently and as cheaply as possible," he said. "And the result is that it doesn't include security. Security has an operational cost."
But with the rising scale and price tag of breaches, companies are starting to recognize the importance of security, and the value of building it in right from the start, he said.
"If you do embedded security, you can actually get to a better, more secure solution more cheaply than if you have to add it on at the end," he said.