As we look towards the next decade, the industry must pivot towards a clearer execution focus: Security cannot be seen any more JUST as a matter of risk appetite or as a box-checking exercise
Nobody can be reasonably expected to be GENUINELY and EFFECTIVELY credible from the board down, across all managerial and technical layers of the enterprise, and transversally across all its silos, from HR to Legal, Procurement or Compliance – and of course across all geographies and cultures for global firms.This profile simple does not exist
Many large organisations now assume that breaches are simply inevitable, due to the inherent complexity of their business models and the multiplication of attack surfaces and attack vectors which comes with it. This realisation changes fundamentally the dynamics around cyber security.
Cyber security is becoming a matter of good corporate governance, good ethics, and quite simply – good business.
As every enterprise is becoming more and more data-driven, it is key for the Board to realize that cyber security is becoming a central tenet both of its core business and of its social impact and governance strategies.
It is now becoming crystal clear that cybersecurity – beyond good practice and good ethics – is quite simply good business. As a recent Cisco study made clear, cybersecurity will help fuel (and protect) an estimated $5.3trillion in private sector digital Value at Stake in the next 10 years. This is the kind of numbers boards cannot afford to overlook.
Talent alienation is the biggest issue behind the cybersecurity management skills gap, but it shouldn’t be the case