In many firms, the equation between Governance, Risk and Compliance around cyber security is becoming heavily weighted towards the G, and GRC functions must adjust as a result, both in terms of internal structures and in terms of interactions with other stakeholders.
It is often expected that once you have a Data Governance or Data Quality Team in place that they will fix all your data quality issues. But are they really responsible for resolving them?
Over time, unenforced regulations simply get ignored and become useless. It is likely that things won’t change until the regulators make them change, and they will have to go sooner or later through a harder enforcement line.
It is now becoming crystal clear that cybersecurity – beyond good practice and good ethics – is quite simply good business. As a recent Cisco study made clear, cybersecurity will help fuel (and protect) an estimated $5.3trillion in private sector digital Value at Stake in the next 10 years. This is the kind of numbers boards cannot afford to overlook.