Act, Don't React: A Leader's Guide to Cybersecurity
IF IT HASN’T HAPPENED YET, it is only a matter of time before your organization has a ‘cyber incident’. In 2019, when replaced if as the guiding principle. The FBI estimates that a cyber incident will occur every 14 seconds this year, so as you read this, it’s likely that nearly 100 incidents will take place, ranging from minor, accidental disclosures of sensitive information to a major theft of data and other valuable assets by criminals, state-sponsored actors, or terrorists.
What makes the effects of cyber incidents so insidious are their velocity and visibility. Cyber crises unfold in a matter of minutes — hours at best, and they evolve not only at lightning speed, but in the public eye. The consequences usually span the breadth and width of the organization and well beyond, involving suppliers, customers and communities. The impact may take weeks or months to mitigate. Historically, many incidents have led to hugely negative impacts on brands and reputations, reducing enterprise value.
Because cyber incidents are potentially enterprise-value destroying, in most cases, a company’s board of directors will be directly and significantly involved. However, while every board receives regular briefings on the state of their organization’s cyber-readiness and resilience, very few are ready to appropriately respond and act when a cyber incident occurs. In this article we will describe the varied nature of cyber threats and provide advice for how management and boards of directors can deal with them.
The Nature and Extent of Cyber Threats
Cyber threats are the result of three interrelated characteristics: those).
You’re reading a preview, subscribe to read more.
Start your free 30 days