Today’s columnist, Rob Gurzeev of CyCognito, writes that companies need to think of cyber risk as business risk. (Credit: Stock Photo, Getty Images) The line between business risk and cyber risk has been obliterated. Increasingly, companies can separate risk models built around financial uncertainty and legal liabilities from IT security risk. For risk management officers, that translates to keeping the company chief security officer on speed dial. Cyber risk as business risk isn’t new. For example, cybersecurity compliance has long been a reality for organizations. But trends tied to a new post-pandemic reality for employees and businesses will accelerate the blurring of cyber and business risk lines this year. Those trends include the pace of globalization, heavy reliance on supply chains, new adversarial tactics and geopolitical targets, cloud dependencies, an economic downturn and the slow migration of employees back to the office. It’s a long list, but the confluence has forced organizations to look beyond traditional definitions of risk exposure, assessment, mitigation and monitoring. Meanwhile C-level security and risk leaders are taking a fresh look at cybersecurity liabilities as regulators take a more aggressive stance against companies that they believe are being negligent when it comes to breaches. There are […]
Think of cyber risk as business risk
You may also like...
