Is Your Cyber Risk Management Up To Scratch?
By Riaan Bekker
We are on the brink of – or in the very early stages of – the Fourth Industrial Revolution. This era is characterised by technology playing more of a role, than it has ever before, in our lives through, for example, the Internet of Things and big data. This means that we are now – more than ever – at risk for cyber attacks as technology has become so pervasive and integral in our daily lives.
What is cyber risk management?
Simply put, cyber risk management is the process of mitigating against the risk posed by criminal activities carried out by means of computers or the internet and are attacks which – as the Global Economic Crime Survey’s 2016 5th South Africa Edition points out – are on the rise. In actual fact, cybercrime is the fourth-most reported economic crime:
- A total of 32% of organisations report to have been affected by cybercrime while a staggering 57% of companies state that they will be affected by cybercrime in the next two years.
- Globally, 61% of CEOs see cybersecurity as one of their top priorities, and
- Only 35% of organisations have a plan in place to mitigate the risks of cybercrime.
How are cyberattacks carried out?
Some of the current trends are:
- Payment breaches, and
- Data breaches in order to access online consumer passwords as well as Protected Healthcare Information (PHI).
What do you need in place?
A Ponemon Institute Research report found the following top 10 preventive measures and controls implemented after a cyber breach ranked from highest to lowest:
- Training and awareness programs
- Additional manual procedures and controls
- Expanded use of encryption
- Security certification or audit
- Security intelligence systems
- Identity and access management solutions
- Endpoint security solutions
- Data loss prevention solutions
- Strengthening of perimeter controls
- Other system control practices
As important as all the preventive measures, your post-loss control measures are also critical in reducing the severity and extent of your loss. Having a Cyber Incident Response Plan in place – to deal with the repercussions of cybercrime – will help your company reduce costs associated with a data breach. The Ponemon research reports a reduction of $16 per record if you have an effective response plan in place.
Riskonnect – an integrated risk management platform that is exclusively marketed in South Africa by thryve – will assist you with not only keeping track of your Cyber risks, controls and compliance management, but also implementing an effective incident response plan in the event that a breach does occur. Click here for more information.
To receive a monthly email consisting of a summary of all articles published by thryve during the previous month, please click here.