INTELLIGENT BRANDS // Enterprise Security
“Decision-makers should think of it as a
natural evolution from pure cybersecurity to
a cyber resilience approach that is more of
a methodology focusing on the measures
and policies that need to be put in place to
ensure continual business operations.”
The traditional way of thinking about
security is very much driven by the nuts and
bolts of solutions. This results in the business
losing sight of the larger organisational
impact that malicious attacks could have on
the success of the company.
Cyber resilience represents a huge shift in the
industry – one which is more geared towards
managing risk. This entails all facets of data,
from its security through to its backup and the
business continuity measures put in place to
resume operations in the event of a disaster
(man-made or otherwise).
Cyber resilience espouses a layered approach
that incorporates the technology, the
systems and processes, as well as the human
resources within an organisation. In this way,
security covers all the potential entry points
into the organisation. This way of combating
cybercrime is something that is integral
to how security should be treated in the
connected world.
72
INTELLIGENTCIO
POWERED BY
“Many companies are still using older,
more traditional ways of looking at security
without factoring in the risk component,”
said Berndt. excuse. Similarly, no company (irrespective
of industry or size) can afford not to have
cybersecurity integrated into all facets of
the organisation.”
“Adding to this is an expanding C-suite
with more specific corporate roles being
introduced, such as the CSO and CDO
that report to the CEO from a strategic
perspective. In this environment, does the
issues of risk and compliance only still form
part of the CFO’s duties? Definitely not.” Cyber resilience requires a layered approach
to be managed effectively. It is as much a
technology problem that needs solving as it
is a human one. Being cognisant of all the
entry points into an organisation and how to
deal with them, should be the foundation on
which cyber resilience is built.
Business education “It is imperative to embrace cyber resilience
as a way of doing business if companies are
to mitigate the risks that operating in a digital
environment can bring,” added Berndt.
Security has moved away from being purely
one based on opportunities to become more
of a functional environment where people
are employed to conduct attacks. And thanks
to the rise of cryptocurrency where there is
less of a paper trail to track such payments,
the likes of Bitcoin and others are enabling
the hacking industry by getting them to
incentivise people for attacks.
“Decision-makers need to be educated about
the importance of effective cybersecurity
policies and solutions,” said Berndt.
“In the digital business environment,
ignorance can no longer be used as an
“From ransomware to data corruption,
phishing attacks to identify theft, the
environment is a fast-paced one needing
an integrated way to safeguard data.
There is no choice but to accept it as a
reality of doing business and embrace it
wholeheartedly. Organisations need to think
of risk as prevention, security and recovery if
they are to remain effective and safeguard
their data. More importantly, security is not
purely about technology any longer but
also about the people and processes. Cyber
resilience helps with this.” n
www.intelligentcio.com