Prioritising Cyber Security and Building Operational Resilience: A Critical Business Decision

Many experts agree cyber security is the central challenge of the digital age and should be a top priority for executive management in order to ensure operational resilience and business continuity. Take a look at some of the critical implementations experts recommend business leaders should take in order to effectively manage a cyber attack and minimise damage.

Satya Nadella, CEO of Microsoft, believes that cyber security is the central challenge of the digital age. According to the University of Maryland, hackers execute a cyber attack on computers and internet connected devices every 39 seconds which is incredible when you consider most of us would struggle to even structure a Tweet in such a short period of time. With the exponential growth of cyber attacks occurring around the world, Gartner Inc. reported that worldwide spending on information security products and services exceeded $114 billion in 2018, a sharp increase of 12.4 percent from 2017, and is now expected to reach $123.8 billion by the end of 2020. 

Covid-19 has driven the need for many organisations to allow large parts of their employee base to work from home or remotely. This significant impact on the IT infrastructure has had a knock-on effect to cyber security and how to reduce the attack vectors created by this shift in their network's topology. As a result, urgent reprioritisation (and increases in some cases) of IT and cyber security budgets have been undertaken to reduce risk exposure in this area. 

Identify the Priorities of Your Organisation

While a high level of preparedness does not guarantee cyber security, they are credible steps that businesses can take to minimise their vulnerability to cyber attacks and respond effectively to crisis.

There are many frameworks that information security and risk managers can follow to help identify their priorities. One of the leading standards is NIST - National Institute of Standards and Technology's cyber security framework which aims to: identify, protect, detect, respond and recover.

Cyber Readiness

Moving forward, business leaders can allocate their resources based on their identified priorities and their budget. This is true for any organisation no matter what their size. Larger businesses are generally assumed to have more resources to invest towards cyber readiness but, this does not necessarily mean they are better prepared. It is inevitable that larger organisations have to spend more budget in this area as they tend to suffer a higher average impact cost from cyber attacks. In other words, a larger organisation has to allocate more resources to protect their higher asset base.

Nonetheless, smaller businesses should also be prepared in case cyber attacks are targeted their way. Hiscox recently reported in their Cyber Readiness Report 2020 that smaller firms can easily work towards better cyber readiness by following these three actions:

  • Actively engage employees in cyber awareness training.
  • Proactively deploy antivirus or anti-malware systems with regular updates.

  • Strictly make business decisions on the company's cyber security tolerances.

What can the experts teach us? 

Cyber hackers’ ransomware techniques are constantly evolving to cause the most damage to the organisation. In order to protect the assets of the organisation, it is critical that business leaders implement strong and reliable detection capabilities to stop attacks as soon as possible to minimise their damage.

  1. Do the basics well and build organisational resilience.
    Starting from the basics, business leaders have to identify the devices that are being used for daily operation to implement the necessary anti-malware features with regular updates and data backup.

    Build organisational resilience by enforcing regular security evaluation, additional security and crisis management with experts.

  1. Follow a framework.
    Information Security & Risk managers should always follow a framework to guide their direction in risk management as it provides a useful checklist.

  2. Involve your organisation.
    According to Hiscox, 9 out of 10 experts agree that cyber security is a top priority for executive management. With regular training for the management team and your employees, it ensures that the organisation is aware of the risk appetite of the organisation. This will reinforce the team to make business decisions strictly on the company's cyber security tolerances.

Get in touch with our team at support@alyne.com to learn more about the cyber security and cyber awareness functionality of Alyne and how our solution can be leveraged to achieve greater maturity in your organisation.

ZurückWeiter
Eunice Cheah

Related Posts

Tackling The Surge In Information Security Incidents

Ransomware attacks in 2021 have become more sophisticated and disruptive than they have ever been. With this increase, it is imperative for business leaders to build up comprehensive defense against information security attacks by leveraging both mandatory and voluntary standards. In this article, Alyne Senior Consultant, Maximilian Millitzer elaborates on what business leaders should do to enable a quicker response, in the event of an information security incident.
Weiterlesen

Gearing Towards Greater Cyber Security Maturity in the Automotive Sector

The automotive industry is moving full speed ahead towards the software defined car and regulations and standards such as UN R155 and ISO/SAE 21434 have made it mandatory for businesses in the automotive industry to be compliant with cyber security management. Learn about Product Security Organisation Framework (PROOF), developed by Escrypt ad KPMG in partnership with Alyne's technology, and get the details on the upcoming workshop at escar (The world's leading automotive cyber security conference).
Weiterlesen

Tightened Cyber Security Awareness Training To Combat Heightened Attempts

October is Cybersecurity Awareness Month. This 2021, Co-founder of Alyne, Stefan Sulistyo shares how Alyne goes beyond the notion of being in compliance with various security awareness requirements to strengthen our collective digital ecosystem – especially during remote working, and the recent acquisition of Alyne by Mitratech – two events which have heightened cyber and phishing attempts across the business.
Weiterlesen