CIOs Must Own the Complete Cyber Incident Response Planning Process
- Written by Matt Roth
Cyber incidents are no longer isolated IT events. They are enterprise-level crises that can halt operations, trigger regulatory scrutiny and erode customer trust overnight. Yet too often, planning for how to respond is treated as a compliance checkbox or delegated piecemeal across functions.
The result? Gaps in preparedness, fragmented accountability and missed opportunities to strengthen resilience.
When an incident happens – and it will – planning is where the battle is won or lost. And it’s CIOs who should own the complete cyber incident response planning process. Not because they’re the only ones involved or experts in all facets of the response, but because they are best positioned to bridge the technical realities with the enterprise risks.
The stakes are high. Just ask Target’s former CIO, who resigned after the company’s 2013–14 breach and its much-criticized response exposed millions of customer records. Or Equifax’s CIO at the time of the 2017 breach, who “left the company” alongside its CSO amid blistering media coverage and public hearings. Desjardins, Clorox, Marks & Spencer and countless others have said goodbye to tech-focused C-suite leaders following significant cyber incidents.
The pattern is clear. These leaders weren’t ousted because the malware was too advanced or the attack too meticulously executed. They were ousted because planning gaps left their organizations flat-footed in the aftermath.
Why CIOs Need to Own All Aspects of the Planning Process
The case for CIO ownership comes down to three simple truths that no organization can afford to ignore.
Cyber is enterprise risk, not just IT risk
Breaches don’t just take down servers - they derail operations, rattle investors, invite regulatory scrutiny and erode customer trust. Planning needs to reflect those realities. CIOs are best positioned to orchestrate a plan that accounts for both technical response and enterprise-wide implications, ensuring nothing falls through the cracks.
Planning is the foundation of speed and clarity
Every major breach post-mortem tells the same story: the first hours decide the outcome. If the playbook hasn’t been written, tested and communicated in advance, confusion reigns supreme in the moment of truth. CIOs who own the planning process can ensure roles, responsibilities and escalation paths are defined and rehearsed so the organization responds with discipline instead of panic.
Accountability demands proactive leadership
Target and Equifax weren’t isolated cases. Boards and regulators are increasingly holding executives accountable for cyber readiness as much as response. A well-designed, CIO-led plan demonstrates proactive stewardship of enterprise risk. It signals to internal and external stakeholders that the organization is prepared to act swiftly, transparently and responsibly when the inevitable happens.
CIOs Can Effectively Own End-to-End Planning
Owning the process isn’t just about claiming responsibility. It’s about putting the right building blocks in place before a crisis ever makes headlines. Here’s how:
Lock in critical partners before the breach
An unfolding incident is not the time to shop for vendors or negotiate contract line-items. CIOs should lock in forensic firms, outside counsel and crisis communications advisors in advance. Contracts and scopes of work should be in place before an incident strikes, with clear SLAs and points of contact. This ensures external partners can be mobilized instantly instead of jumping through painstaking procurement hoops.
Integrate communications from day one
Too many organizations discover too late that subpar communications during an event can do more damage than the attackers themselves. Planning must include the role of communications from the outset, not as an add-on. Draft holding statements, FAQs and escalation protocols should be pre-approved. Communications leaders should have a seat at the table in every exercise, ensuring that when an incident occurs and a response is critical, messaging is clear, credible, consistent and effective.
Build and maintain a cyber communications playbook
Templates are useful, but they’re only half the battle. A breach unfolds in stages, and audiences need different messages at different times. A dedicated plan maps who to communicate with, when and how - from employees and customers to regulators and media. Without it, even the right message delivered at the wrong time can create new complications.
CIOs don’t need to draft every line, but they do need to own the integrity of the process: ensuring the plan exists, is regularly updated, and is tested alongside technical playbooks. Just as importantly, they must ensure that what is communicated is factually accurate and aligned with the realities of the incident. That oversight prevents the organization from making premature promises or issuing contradictory statements that could damage its credibility.
Run 360-degree tabletop exercises
Effective planning isn’t theoretical. It’s tested. CIOs need to champion exercises that simulate realistic breach scenarios, involving not just IT but operations, customer service, legal, HR and communications. Adding layers such as regulatory questions, media leaks, or customer escalations makes the exercise far more valuable and exposes weak spots before a real event occurs. It’s better to find gaps in any process on a quiet Tuesday afternoon than 72 hours into an active event.
Align with enterprise risk and continuity frameworks
Incident response cannot be an IT-only binder on the shelf. CIOs should ensure planning integrates seamlessly with enterprise risk management, disaster recovery and business continuity. That integration avoids duplication, ensures cross-functional alignment and makes cyber planning a natural extension of how the organization manages all high-impact risks.
Prepare the boardroom narrative in advance
Boards don’t want packet captures or firewall logs. They want a clear picture of impact, timelines and recovery – in plain business language. Part of planning is creating reporting dashboards and communication protocols tailored for board and executive stakeholders. When a breach occurs, CIOs who have already thought through how to brief the board in business language will build credibility and reduce panic when tensions are at their highest.
It’s No Longer If. It’s Not Even When. It’s How Bad.
The inevitability of cyber incidents is tired news. The real differentiator is how prepared you are when it hits. Reputational disasters and leadership shake-ups aren’t preordained - they’re avoidable with proper planning.
What separates companies that weather the storm from those that flounder is the strength of their planning. And the strongest plans are those owned, coordinated and championed by the CIO.
The best CIOs aren’t just guardians of systems - they’re guardians of trust. Owning the planning process doesn’t just protect the business. It protects the board’s confidence in you when the spotlight is at its harshest.
Matt Roth is a Partner at Sovereign Advisory – a strategic, financial and crisis communications firm with offices in Toronto and Montreal. Sovereign works with clients to help mitigate operational and reputational threats, including developing cyber incident response plans and conducting tabletop exercises that prepare leadership teams, IT executives and boards to respond effectively when it matters most.