FEATURE: CYBERSECURITY
//////////////////////////////////////////////////////////////////////////
Cyber-risks seem to evolve
even quicker than the
pace of change to digital
technology and the disruption
of traditional business
models. John McLoughlin,
cybersecurity expert and CEO
at J2 Software, tells Intelligent
CIO that business leaders are
now clearly recognising the
critical nature of cyberthreats
and starting to identify and
embrace best practices to
mitigate risks.
These more complex approaches account
for the need to build capabilities in
understanding, assessing and quantifying
cyber-risks in the first place, as well as adding
the tools and the resources to respond to
and recover from cyber incidents when they
inevitably occur.
As cyber-risks become increasingly complex
and challenging, there are encouraging
signs in the 2019 Global Cyber Risk
Perception Survey that businesses globally
are starting to implement best practices in
cyber-risk management. Most businesses
recognise the magnitude of cyber-risk and
many are shifting aspects of their approach
to match the threat, and most are doing
a good job in traditional cybersecurity,
protecting the perimeter.
Effective cyber-risk management requires
a comprehensive approach employing risk
assessment, measurement, mitigation,
transfer and planning. The optimal program
will depend on each company’s unique risk
profile and tolerance.
C
yber-risk has moved beyond
data breaches and privacy,
there are now sophisticated
attacks that are disrupting
entire countries, industries,
businesses and supply chains. This is
costing the economy billions and affecting
businesses in every sector. Unfortunately,
cyber-risk cannot be eliminated, but it can be
mitigated and managed.
The savviest businesses are building cyber
resilience through comprehensive, balanced
cyber-risk management strategies, rather
than concentrating solely on prevention.
This addresses many of the common and
most urgent aspects of cyber-risk that
businesses today are challenged with
and should be viewed as signposts along
the path to building true cyber-resilience.
Nonetheless, the survey shows that there
remains a considerable gap between where
cyber sits on the corporate risk agenda and
the overall level of rigour and maturity of
cyber-risk management.
Many enterprises globally could benefit
by applying strategic risk management
principles to their cyber-risk approach,
supported by more expertise, resources
and management attention as they build
cyber-resilience.
Cyber-risks
are becoming more
complex and challenging
34
INTELLIGENTCIO
www.intelligentcio.com