THIS
THIS AND
AND THAT
THAT
Cybersecurity: How to Build Resilience
Top 3
Remember Equifax?
cyberattack concerns
identified by executives in a
global survey 1 :
40% Disruption of operations
39% Compromise of data
29% Damage to physical property
One missing security patch
compromised the data of:
15.2M UK customers
145M US customers
8,000 CDN customers
Costs to Equifax: US$87.5M and the jobs
of the CEO, CISO, and CSO 2
CYBER RISK = BUSINESS RISK
Yet most companies don’t have a resilient strategy 3
44%
have no overall information
security strategy
Start
at the top
(involve
mgmt/board)
Designate
an in-house
cyber expert
Build
resilience into
your
cybersecurity
strategy 4
Educate your
staff on best
practices
1 & 3
have no cyberincident
response plan
Take stock of
your assets and
prioritize them
30%
of cyberincidents are
caused by employees
Assets most essential
to operations 5
Create a
critical response
plan
Perform
regular tests
and updates
–
–
–
– Proprietary information
–
– Networks and servers
–
–
– Smartphones and tablets
Intellectual property
Client data
Confidential financial data
Any publicly available data
Computers
Hardware
PwC, The Global State of Information Security Survey 2018, October 18, 2017. (pwc.com/gsiss)
2 Richard
4
Restrict
access to critical
assets
54%
Priday, “Equifax Q3 results: Not as bad as you might have hoped—hack only cost biz about $87m,” November 10, 2017. (theregister.co.uk)
McKinsey & Company, “Protecting your critical digital assets: Not all systems and data are created equal,” January 2017. (mckinsey.com)
5 McKinsey
& Company, “Hit or myth? Understanding the true costs and impact of cybersecurity programs,” July 2017. (mckinsey.com)
CPABC in Focus • March/April 2018 31