Cybersecurity - protecting your business

Friday, 10 October 2014

    Current

    Cybersecurity is a growing challenge for organisations, leading organisations take a strategic approach to cybersecurity.


    Why cybersecurity is a strategic issue
    Bain & Company, February 2014

    Cybersecurity is a growing challenge for organisations. A Bain & Co. article, "Why cybersecurity is a strategic issue", states that leading organisations take a more strategic approach to cybersecurity, rather than an operational approach.

    The article observes that we are seeing more cyber-attacks, it is becoming increasingly difficult for organisations to protect against cyber-attacks, and the average financial impact of each security breach is increasing. Accordingly, CEOs and boards must begin to think about IT security in a new way (delegation to IT staff is no longer sufficient). The article states: IT security “has become a top-level strategic issue because the consequence of failure can ruin a business”.

    5 steps towards a strategic approach to cyber security

    Bain & Co. identify some common problems that leave organisations vulnerable. There is, for example, often a failure to align IT security capabilities with the organisation's larger goals and appetite for risk. The article describes 5 steps towards a strategic approach to cybersecurity. As part of this process, the board should be made aware of security-related risks and gaps.

    Notwithstanding the potentially devastating financial and reputational consequences for organisations of cybersecurity breaches, many boards are still not adequately addressing this issue. In the US, for example, “PwC’s 2014 annual corporate directors survey” found that nearly half of directors had not discussed the company’s crisis response plan in the event of a cybersecurity breach. It is likely that the situation in Australia is similar. The Boston Consulting Group also observes in a recent article titled “Cybersecurity meets IT risk management” that companies often fail to include IT security as an integral part of overall corporate risk management.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.