Clarity of roles and responsibilities across Security and IT, and a clear approach putting People and Process first ahead of ready-made Technology solutions, form the only basis on which cyber security maturity can grow, across any organisation, large or small.
As we look towards the next decade, the industry must pivot towards a clearer execution focus: Security cannot be seen any more JUST as a matter of risk appetite or as a box-checking exercise
Nobody can be reasonably expected to be GENUINELY and EFFECTIVELY credible from the board down, across all managerial and technical layers of the enterprise, and transversally across all its silos, from HR to Legal, Procurement or Compliance – and of course across all geographies and cultures for global firms.This profile simple does not exist
Many large organisations now assume that breaches are simply inevitable, due to the inherent complexity of their business models and the multiplication of attack surfaces and attack vectors which comes with it. This realisation changes fundamentally the dynamics around cyber security.
