The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. With the scale of the cyber threat set to continue to rise, the International Data Corporation predicts that worldwide spending on cyber-security solutions will reach a massive $133.7 billion by 2022. Governments across the globe have responded to the rising cyber threat with guidance to help organizations implement effective cyber-security practices. Recent large-scale, sophisticated cyber attacks on some major US organizations have revealed the intensity of such threats and the vulnerability of IT infrastructure.
Earlier this year, hackers secretly broke into Texas-based SolarWinds' systems and added malicious code into the company's software system. SolarWinds, a major US information technology firm, was the subject of a cyber attack that spread to its clients and went undetected for months. Foreign hackers were able to use the hack to spy on private companies like the elite cyber security firm FireEye and the upper echelons of the US Government, including the Department of Homeland Security and Treasury Department.
In the post-COVID-19 world, where dependence on IT services has increased exponentially, organizations with irregular or inefficient cyber security systems are more prone to cyber attacks. However, given the ever-increasing sophistication of technology and the capabilities of the actors behind them, such cyber attacks pose an equal threat to every organization.
In today’s computerized world, new risks emerge every hour of every day. Connecting to the Internet opens up the possibility of a hacker targeting your organization. Cybercrime is becoming big business and cyber risk a focus of organizations and governments globally. Monetary and reputational risks are high if organizations don’t have an appropriate cyber security plan.
A cyber security governance and risk management program should be established which is appropriate for the size of the organization. Cyber security risk needs to be considered as a significant business risk by the owners and directors. This should be at the same level as compliance, operational, financial and reputational risks with suitable measurement criteria and results monitored and managed.
Proper IT governance procedures within an organization are critical. Implement a formal risk assessment process and develop policies to ensure that systems are not misused and ensure that applicable policies are continually reviewed and updated to reflect the most current risks. This includes developing incident response policies and procedures to properly respond to, account for and help mitigate the cost of a potential breach.
Ongoing education for all employees on technology risks should form part of the organization's risk management framework, with potential security breaches being mitigated as a result of education and policies being promulgated to all levels of staff.
Considering the importance of the matter, the Centre for Independent Director, IICA organized an online discussion called “Power Panel: Cyber Security as Board Room Agenda” on 8th January, 21 with the aim of providing our members with information regarding emerging risks and widely adopted cyber security models to manage such risks.