Cyber risks are becoming more complex and challenging

The rate at which digital technology is evolving and disrupting traditional business models, cyber risks seem to evolve even faster.

Despite declining business confidence in the ability to manage cyber risk, business leaders are now clearly recognising the critical nature of cyber threats and are starting to identify and embrace best practices to mitigate risks, said cybersecurity expert and J2 Software CEO John Mc Loughlin. 

According to Mc Loughlin, cyber risk has moved beyond data breaches and privacy, there are now sophisticated attacks that are disrupting entire countries, industries, businesses and supply chains. This is costing the economy billions and affecting businesses in every sector. Unfortunately, cyber risk cannot be eliminated, but it can be mitigated and managed.

“The savviest businesses are building cyber resilience through comprehensive, balanced cyber risk management strategies, rather than concentrating solely on prevention. These more complex approaches account for the need to build capabilities in understanding, assessing and quantifying cyber risks in the first place, as well as adding the tools and the resources to respond to and recover from cyber incidents when they inevitably occur,” said Mc Loughlin.

As cyber risks become increasingly complex and challenging, there are encouraging signs in the 2019 Global Cyber Risk Perception Survey that businesses globally are starting to implement best practices in cyber risk management. Most businesses recognise the magnitude of cyber risk and many are shifting aspects of their approach to match the threat, and most are doing a good job in traditional cybersecurity, protecting the perimeter, said Mc Loughlin.

Mc Loughlin explained that effective cyber risk management requires a comprehensive approach employing risk assessment, measurement, mitigation, transfer, and planning, and the optimal program will depend on each company’s unique risk profile and tolerance.

This addresses many of the common and most urgent aspects of cyber risk that businesses today are challenged with, and should be viewed as signposts along the path to building true cyber resilience. Nonetheless, the survey shows that there remains a considerable gap between where cyber sits on the corporate risk agenda and the overall level of rigour and maturity of cyber risk management, said Mc Loughlin.

“Technology is dramatically transforming the global business environment, with continual advances in areas ranging from artificial intelligence and the Internet of Things (IoT) to data availability and blockchain. Especially in an ‘Internet of Everything’ era with digitally dependent supply chains and innovative technology, yesterday’s practices and mindsets are not enough, and may actually inhibit innovation,’ said Mc Loughlin.

Mc Loughlin explained that optimising security from the castle to the wider community is harder but inevitable. It requires a shift from solely focusing on enterprise security to embracing responsibility for network security across the entire supply chain.

Mc Loughlin noted that the survey points to a number of best practices that most cyber-resilient firms employ and which all firms should consider adopting:

• Create a strong cybersecurity culture with clear, shared standards for governance, accountability, resources, and actions.
• Quantify cyber risk to drive better-informed capital allocation decisions, enable performance measurement, and frame the cyber risk in the same economic terms as other enterprise risks.
• Evaluate the cyber risk implications of new technology as a continual and forward-looking process throughout the lifecycle of the technology.
• Manage supply chain risk as a collective issue, recognising the need for trust and shared security standards across the entire network, including the company’s cyber impact on its partners.
• Pursue and support public-private partnerships around critical cyber risk issues that can deliver stronger protections and baseline best practice standards for all.

Related article:

https://www.citizen.co.za/alex-news/117504/travel-smart-cyber-security-tips/