Prioritising Cyber Security and Building Operational Resilience: A Critical Business Decision

Many experts agree cyber security is the central challenge of the digital age and should be a top priority for executive management in order to ensure operational resilience and business continuity. Take a look at some of the critical implementations experts recommend business leaders should take in order to effectively manage a cyber attack and minimise damage.

Satya Nadella, CEO of Microsoft, believes that cyber security is the central challenge of the digital age. According to the University of Maryland, hackers execute a cyber attack on computers and internet connected devices every 39 seconds which is incredible when you consider most of us would struggle to even structure a Tweet in such a short period of time. With the exponential growth of cyber attacks occurring around the world, Gartner Inc. reported that worldwide spending on information security products and services exceeded $114 billion in 2018, a sharp increase of 12.4 percent from 2017, and is now expected to reach $123.8 billion by the end of 2020. 

Covid-19 has driven the need for many organisations to allow large parts of their employee base to work from home or remotely. This significant impact on the IT infrastructure has had a knock-on effect to cyber security and how to reduce the attack vectors created by this shift in their network's topology. As a result, urgent reprioritisation (and increases in some cases) of IT and cyber security budgets have been undertaken to reduce risk exposure in this area. 

Identify the Priorities of Your Organisation

While a high level of preparedness does not guarantee cyber security, they are credible steps that businesses can take to minimise their vulnerability to cyber attacks and respond effectively to crisis.

There are many frameworks that information security and risk managers can follow to help identify their priorities. One of the leading standards is NIST - National Institute of Standards and Technology's cyber security framework which aims to: identify, protect, detect, respond and recover.

Cyber Readiness

Moving forward, business leaders can allocate their resources based on their identified priorities and their budget. This is true for any organisation no matter what their size. Larger businesses are generally assumed to have more resources to invest towards cyber readiness but, this does not necessarily mean they are better prepared. It is inevitable that larger organisations have to spend more budget in this area as they tend to suffer a higher average impact cost from cyber attacks. In other words, a larger organisation has to allocate more resources to protect their higher asset base.

Nonetheless, smaller businesses should also be prepared in case cyber attacks are targeted their way. Hiscox recently reported in their Cyber Readiness Report 2020 that smaller firms can easily work towards better cyber readiness by following these three actions:

  • Actively engage employees in cyber awareness training.
  • Proactively deploy antivirus or anti-malware systems with regular updates.

  • Strictly make business decisions on the company's cyber security tolerances.

What can the experts teach us? 

Cyber hackers’ ransomware techniques are constantly evolving to cause the most damage to the organisation. In order to protect the assets of the organisation, it is critical that business leaders implement strong and reliable detection capabilities to stop attacks as soon as possible to minimise their damage.

  1. Do the basics well and build organisational resilience.
    Starting from the basics, business leaders have to identify the devices that are being used for daily operation to implement the necessary anti-malware features with regular updates and data backup.

    Build organisational resilience by enforcing regular security evaluation, additional security and crisis management with experts.

  1. Follow a framework.
    Information Security & Risk managers should always follow a framework to guide their direction in risk management as it provides a useful checklist.

  2. Involve your organisation.
    According to Hiscox, 9 out of 10 experts agree that cyber security is a top priority for executive management. With regular training for the management team and your employees, it ensures that the organisation is aware of the risk appetite of the organisation. This will reinforce the team to make business decisions strictly on the company's cyber security tolerances.

Get in touch with our team at to learn more about the cyber security and cyber awareness functionality of Alyne and how our solution can be leveraged to achieve greater maturity in your organisation.

Eunice Cheah

Related Posts

Real-Time Operational Risk Management in Financial Institutions (Part 1)

With this new article series, we explore and provide insights into Real-Time Operational Risk Management. In this first article, we deep dive into the many challenges of Operational Risk Management in many financial institutions and the goal of achieving an Integrated Risk Management approach that enables the organisation to make risk aware decisions that efficiently focus its resources and increase efficiency.

2021 Recap: Celebrating a Groundbreaking Year

2021 marks an incredible year for Alyne, now part of the Mitratech portfolio. The team invested a tremendous amount of effort and hard work to drive new growth, nurture opportunities, spark meaningful conversations, and incorporate powerful functionality into the platform. Take a look at our work, achievements and snapshots from the year.

Alyne's Assessments: Measuring Compliance Against Multiple Maturity Models

Assessments are an essential tool for measuring compliance. Recently within Alyne, we have improved our capabilities to cover Multiple Maturity Models, which enables users to configure more than one maturity model in their organisation and measure compliance in the levels of their choice. Using this feature, teams can create and customise levels to their Controls, assess compliance across multiple maturity models, create Reports and leverage this functionality in Alyne's Continuous Controls.