MITIGATING CYBER RISK: A GROWING IMPERATIVE
In the current digital space, companies are operating in an uncertain environment. They are facing unprecedented challenges that are rapidly evolving, all while attempting to efficiently manage their business costs.
According to the recent ‘World Economic Forum Global Risk Report’, cyber failure is rated among the top risks in 2021. Cyber risk has gradually moved up the risk ladder for the past 10 years as our reliance on technology continues to grow. With this in mind, it is worth considering what impact cyber risk will have on your business over the next five years.
First, we need to address the basics of cyber security, starting with its definition. Cyber security describes those tools, policies, processes, practices and controls dedicated to protecting data stored in systems from cyber attacks and cyber risks. The term has been defined differently over the years, but regardless of any standard, the main objective is protecting against, preventing and detecting cyber threats.
For companies, threats can come from both probable and improbable sources, internally and externally. Insider threats include malicious employees, whose intent is to breach the company’s technological security posture. Meanwhile, external cyber criminals, such as hackers or hacktivists, aim to impact a company’s reputation by blackmailing it or ransoming its data, and breaching customer privacy by sharing data online or similar criminal actions.
As cyber attacks increase, according to our annual ‘State of Cybersecurity’ report, governments and regulatory bodies have attempted to meet the challenge. We have seen a surge of new regulations drafted and standards issued. Government bodies are demanding that companies strengthen and upscale their existing security systems and tools to align with international best practices, and imposing harsh penalties on those that fail to comply.
Oct-Dec 2021 Issue
Information Systems Audit and Control Association (ISACA)