Governments and industries worldwide are engaged in a race without a finish line. Adversaries will be continually adjusting their strategies and be identifying new targets and more destructive attacks.
While there are many technological advances that will form part of the solution, businesses need to be looking at the organisation as a whole identifying the risks that face them on a daily basis and put the necessary plans in place to mitigate the risk
Cybersecurity is not the role of I.T. alone
The most senior members of a company’s management team must engage and be at least conversant with this dynamic risk. In your organisation, can the CEO, the CFO or the GC answer the following three questions:
What are your company’s principal cyber vulnerabilities?
What are your key strategies for mitigating those risks?
Are adequate resources being devoted to the task at hand?
Vulnerability assessments are essential.
Every company should conduct a vulnerability assessment. The best place to start is to benchmark your cyber protocols against an established standard.
What are your most critical cyber assets?
Does your organisation primarily rely upon proprietary data or industrial control systems?
Have you assessed the true financial consequences of a large-scale breach?
Cyber risk is now a board-level issue.
Supervisory boards will be putting far more focus and pressure on management teams in the coming year. Expect your board to ask questions about:
Patching of software vulnerabilities implementing multi-factor authentication for user access, and conducting risk assessments of third-party vendors and suppliers.
If it takes your organisation three times longer to identify a cyber intrusion as other companies, will that be satisfactory for your board?
What cyber insurance does the business have in place?
Internet and network exposures are usually excluded from traditional insurance policies. Riskworks, however, works with leading cyber risk insurers to develop cyber risk insurance protection including:
Liability, privacy, and confidentiality
Telephone and mobile hacking
Copyright trademark and defamation
Malicious code and viruses
Business interruption and computer failure
Website defacement and cyber extortion
Technology errors and admissions
Intellectual property infringement
Consequential reputational harm
Talk to Jon Davies and the team on 01625 547754 or visit www.cyberliability.uk.com