Managing cybersecurity governance

  • Cybercriminals are increasingly finding ways to manipulate human trust in order to bypass the security protocols they can’t overcome via technical means alone.
  • While board members set the tone for the rest of the organisation, cybersecurity training should extend to employees.
  • An understanding that it’s impossible to stop all incidents will enable an organisation to shift its focus from planning for failure to learning from and reacting to failure.

Boards and management need to keep a razor-sharp eye on cybersecurity as cybercriminals become increasingly sophisticated and find new ways to scam organisations.

For organisations, the risks are not just financial. Cyber attacks in 2017 also resulted in the loss of intellectual property, dented share prices and customer confidence, increased the threat of litigation and caused businesses public embarrassment, according to the Telstra Security Report 2018.

Worryingly, established security threats, such as ransomware, are still growing quickly. US cybersecurity company Carbon Black put the growth rate of the underground ransomware economy at 2,500 per cent in 2017.

As Telstra notes in its security report, this type of threat is supported by the growth of underground markets operating on the dark web, with the ubiquity of cryptocurrencies, such as bitcoin, allowing buyers and sellers to transact almost anonymously.

This article is exclusive to Governance Institute members and subscribers.
