Positioning cyber security at the top of the business agenda
CYFOR technical director Keith Cottenden on how the issue of cyber security has come to the fore as a result of recent cyber attacks.
The recent elevation in cyber attacks and the inevitable media coverage that followed has propelled cyber security into the limelight. Understanding the tangible risks involved from a business perspective and positioning cyber security at the top of the Board agenda is the next logical step forward.
Directors understand the need to safeguard their company’s digital assets and that cybercrime is a risk management issue that requires their complete oversight. They are responsible for the future of their organisation, with shareholders expecting that suitable investment has been implemented to mitigate risk in multiple forms.
Unfortunately, the IT world is a complex and rapidly evolving system, which can prove challenging for directors who are constantly striving to keep informed with the latest cyber security updates. Failure to do so can have accountable consequences that rest firmly on their shoulders, which includes regulatory fines (the incoming GDPR on 25th May 2018) and dismissal for failure to adequately implement organisational cyber security in the event of a security incident.
How can they adequately prepare themselves for this increased accountability?
Firstly, direct visibility into their cyber security strategy needs to be maintained at all times. This includes establishing the most effective cyber strategy in alignment with the day to day operational elements of the business as well as implementing a cyber incident response plan.
Establishing the importance of cyber security within the core of the business. This isn’t just the technical IT aspects, such as security systems but also the culture. Educating employees on cyber security best practices and warning signs to be aware of, such as malicious emails.
Engaging with and utilising external professionals who can deal with the more complex elements of a cyber security strategy is key. CYFOR provide a range of risk mitigating services, including Vulnerability Assessments and Cyber Security Audits, which are specifically designed to expose weaknesses and high risk practices within an organisation.
Ultimately, senior management within an organisation must be vigilant and ensure that they are doing everything within their power to mitigate any potential risks and ensure that they are fully prepared to respond in the event of an incident.