Cyber Defense eMagazine March Edition for 2022

More documents

Recommendations

Info

Make clear the opportunity cost There is, of course, a cost to cyber security systems, but the cost to not having them is far larger. The average cost of an attack has been rising rapidly and now stands at $3.9 million, according to the annual Cost of a Data Breach Report by IBM and the Ponemon Institute, although this rises to $8.64 million in the US. This includes costs of OT systems and hardware, disruptions to critical activity resulting in down time and business lost, and fines. When put in this context, the investment in cyber security will seem minimal. Businesses that rely on insurance as mitigation may feel that they are covering the financial cost, but this does not take into account the cost of reputational damage, which can far exceed any monetary loss. Further, the insurance market is taking a tougher stance due to the rising frequency and scale of cyber-attacks. This makes it a multi-faceted challenge for finance leaders. Think about long term sustainability Cyber-resilience is about ensuring the continued success of an organization. Business continuity, reputation and finance are all at stake, but also the potential for injury and even loss of life. Imagine how much money would be lost if you were unable to service clients, and the reputational damage of a splash across the headlines. To continually win new business you need to be able to show you are diligent and trustworthy, and cyber security plays a big role in this. Data security is increasingly important, and customers will not want to do business with you if their own information is seen to be at risk. Similarly, vendors will harbor concerns about stability and ultimately shareholders will become worried about performance. See cybersecurity not as an IT overhead but an OT asset Cyber security is not just a tick box or policy adherence exercise, but brings huge value. It’s about more than systems and software of IT – it’s essential for full and essential OT. The CFO’s remit spans the entire business, meaning they are perfectly positioned to support cyber security efforts spanning the entire estate. They are able to look at the technology and systems and what investment in them can bring the business from a strategic standpoint. Improve the risk management framework The CFO’s job is to finance things that are business critical. If the Chief Information Officer (CIO), Chief Information Security Officer (CISO), Senior Management Team (SMT) make cybersecurity part of everyone’s role, from team members to those at the top of the organization, it ensures it is ingrained in policy and procedure. By having this shared visibility and responsibility, it will be clearer as to why it needs financing, not just as a cost centre, but an enabler. Cyber security is about protecting the assets that are of value to your company, and so should be embedded in everything that you do. Effective governance is essential to business success. Cyber Defense eMagazine – March 2022 Edition 26 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Help them mitigate potential risks Across the business we are constantly putting plans and procedures in place to mitigate risk. And most often this risk is based on potential risk, rather than historic experience. Just because it hasn’t happened doesn’t mean it won’t. In fact, threats are constantly changing and cyber criminals are increasingly diversifying the comprehensive strategies that they use to infiltrate organizations. Most businesses have smoke alarms or defibrillators yet have never had a fire or someone have a heart attack during the working week. They have this equipment installed to minimise the impact of any future disaster. The same is true of cybersecurity. CFOs should think of cyber security as part of the package that a business has to mitigate against risk and maintain fully functioning OT at all times to ensure business activity can proceed as normal. CFOs should therefore be discussing cyber-risk exposure with their CIO and CISO regularly. This ensures it doesn’t just get thought about on an annual basis but is front of mind all year round. That regular reminder of why it is so important will help ensure that it is viewed as a business critical expense that needs to be fully backed financially. Use their expertise Your CFO does not have to be a cyber security expert. But their risk management skills will be essential to asking the right questions around issues such as where data is stored and who has access to it. They especially understand the risks and issues presented by protecting financial data. By ensuring that your CFO is part of the process for assessing risk, identifying assets and selecting vendors, they become part of that process of essential cyber security. Present a united front The CFO is a business-critical part of strategic and functional operations across the organization. Businesses fall prey to cyber-attacks when they have a weak link. We think of clients as castles, and all of the battlements need to be strong. This includes everyone from the CEO to the cleaner to the connected systems used to make the business run. Vigilance and security are crucial across the board, and the CFO is an integral part of that. We know that cyber security is essential. In the modern working environment, more and more of us are geographically dispersed and more devices are connected to the internet. At the same time cyber criminals are getting increasingly sophisticated. Cyber security needs to be a top priority for all organizations – and all members of those organizations, including the CFO. Investment in cyber security is absolutely business-critical, and by making your CFO part of the strategic journey of cyber security you will make it easier to get that much needed sign off. Cyber Defense eMagazine – March 2022 Edition 27 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: Why Changing Classified Document St
Page 3 and 4: Tips And Trends for OT Cybersecurit
Page 5 and 6: @MILIEFSKY From the Publisher… De
Page 7 and 8: Welcome to CDM’s March 2022 Issue
Page 9 and 10: Cyber Defense eMagazine - March 202
Page 19 and 20: level of concern while working remo
Page 21 and 22: The Fragility of a GPS Centric Worl
Page 23 and 24: Formerly known as LOng-RAnge Naviga
Page 25: The Role of The CFO In Enterprise C
Page 29 and 30: The Safest Ways for Bitcoin Trading
Page 31 and 32: and clear instructions through a "N
Page 33 and 34: According to Cybereason’s “Rans
Page 35 and 36: If you implement these three tips,
Page 37 and 38: • Nearly half of zero-day malware
Page 39 and 40: Don’t Become a Horrible Headline:
Page 41 and 42: pandemic era. By empowering profess
Page 43 and 44: Have We Learned from Our Past Mista
Page 45 and 46: internet, etc. How much training is
Page 47 and 48: How to strengthen cyber resilience
Page 49 and 50: A BCDR solution with automated disa
Page 51 and 52: 1. Cybersecurity Incidents Will Bec
Page 53 and 54: Is XDR The Right Solution for Today
Page 55 and 56: How Open XDR Helps Open XDR address
Page 57 and 58: A very small set of next-gen SIEM s
Page 59 and 60: • What are my options for data la
Page 61 and 62: Additionally, we’ll witness the r
Page 63 and 64: Top 10 Reasons Cyber Defense Firms
Page 65 and 66: 4. Teamwork and individual responsi
Page 67 and 68: 5 Reasons Organizations Need Compre
Page 69 and 70: systems to manage identity and acce
Page 71 and 72: Directed Analytics - The Future of
Page 73 and 74: Directed analytics allow these insi
Page 75 and 76: InDesign and uploaded to indd.adobe
Page 77 and 78:
Are You Prepared for the New Normal
Page 79 and 80:
• Find Unseen Risk - The hardest
Page 81 and 82:
intruders were able to gain control
Page 83 and 84:
About the Authors Michael Cheng is
Page 85 and 86:
Why am I rehashing this old trope?
Page 87 and 88:
1. Look for and minimize attack sur
Page 89 and 90:
On The Frontline in The War Against
Page 91 and 92:
How to Fix Mid-Market Security Usin
Page 93 and 94:
the particular victims being target
Page 95 and 96:
5 Ways Cybersecurity Will Change In
Page 97 and 98:
#3: Supply chains will be the big r
Page 99 and 100:
Executive Order Instructs Certain O
Page 101 and 102:
• Stay ahead of fraud. Fraud cost
Page 103 and 104:
Too Hot to Handle:The case for Zero
Page 105 and 106:
Critically, endpoint security only
Page 107 and 108:
To prevent lateral movement attacks
Page 109 and 110:
Redefining Resilience in The New Wo
Page 111 and 112:
About the Author Andrew Lawton is C
Page 113 and 114:
Cyber Defense eMagazine - March 202
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
CyberDefense.TV now has 200 hotseat
Page 137 and 138:
Books by our Publisher: https://www
Page 139 and 140:
show all

Cyber Defense eMagazine March Edition for 2022

Create successful ePaper yourself

Delete template?

Save as template?