Consider this; in 2018 over a billion people were affected by data breaches. Similarly, just a few days into 2019 and major organisations suffering data breaches were hitting headlines. From Singapore Airlines to the German Parliament, these most recent breaches continue to show that no sector is immune from cyber risk, which is undoubtedly one of the greatest risks facing companies today. When such cyber incidents occur, headlines tend to focus on the technical how’s and why’s of the breaches themselves, rather than the long-term financial fallout. Despite much improved education on cyber threats, there is still a startling lack of understanding on how the day to day management of cyber hygiene affects an organisation’s long-term value.
For cyber risk, governance matters more than deploying the latest technology.
Considering the research showing that the value of corporations’ assets is increasingly digital, the lack of emphasis onon-going cyber risk assessment—as a starting point for proper cyber management— should be considered unconscionable by businesses leaders, regulators and investors.
For example, few established companies would consider taking on a new supplier or partner without undertaking a thorough audit of its financial stability and credit rating—it is often a legal or compliance requirement considered basic “best practice”. Very few, however, will undertake the same audit of a partner or acquisition target’s IT controls and cyber management practices.