The first of three steps is to designate a senior partner who’s the responsible officer for firm-wide cybersecurity. In the day-to-day management of technology or in a crisis, it is far better to have a skillful leader rather than a subject matter expert. In choosing the right person, his or her leadership skills — communication and crisis management — are equally important.
If you switch from reacting to attacks to preventing them through a cyber wellness program, you’ll be prepared. Here are four steps you need to take if a database gets hacked.
It’s up to management to make sure IT’s got a seat at the table, Martin says in this interview on the Business Security Weekly podcast.
The military strategy called “Defense in Depth” can be applied to cybersecurity. It has defenders deployed in a series of pre-planned positions from which they can advantageously attack the advancing enemy.
Digital communication adds additional functionality and control – but also creates new vulnerabilities. It’s impossible to centrally control every connection with employees and clients – therefore a new approach is required.
There’s growing concern within intelligence communities that hostile governments could cyber-invade financial institutions, not to steal money — but to pollute, destroy and manipulate data. One of the biggest exposures lies in the cloud.
Experts say that instead of a cyber attack that deletes or releases stolen data, the next wave of attacks will merely change digital data to compromise its integrity so that, for example, all the tax return data in your systems are no longer correct.
Getting comfortable with your company’s cybersecurity program means being able to answer questions like, “Are we thinking about security the right way, and where is all this going?”
BitSight: You were Chief Risk Officer (CRO) at several major financial institutions. What is the role of the CRO with respect to understanding and overseeing newer, disruptive risks such as cyber?
Excerpt from GARP.org The fast-changing threat landscape requires a data-centric paradigm shift By David X Martin Corporate cultures do not change…