
Are business leaders taking cybersecurity seriously enough?

  • Research from Gartner shows that as few as 13 percent of boards of directors have created cybersecurity boards within companies.
  • This creates a gap of understanding that can have disastrous consequences.
  • CEO at SLVA CyberSecurity, Patrick Evans, explains how having a team dedicated to navigating cyber risk can benefit firms.

There is a stark difference between acknowledging that there is a cybersecurity risk and implementing measures to mitigate that risk.

At the tail end of 2021, Gartner published its Board of Directors Survey and highlighted that 88 percent of those surveyed saw cybersecurity as a business risk and not just a checkbox for the IT team to tick.

However, there are still concerns, primarily with regard to understanding cybersecurity.

“In light of this, you need to think more strategically about presenting cybersecurity in terms of business risks and not technology. All functional heads must be aware of the significant ramifications across the organization,” wrote Kasey Panetta for Gartner.

Alarmingly, as few as 13 percent of board members surveyed reported that they have created a cybersecurity-specific board overseen by dedicated individuals. On the surface, one might think that cybersecurity doesn’t change all that often, but slight adaptations or changes can have wide-reaching ramifications. As an example, ransomware was already a major concern, but recently extortion and threats of making stolen information public have amplified the risk this attack presents.

Understanding the evolving nature of the risk is a vital aspect of cybersecurity and the C-suite needs to acknowledge this.

“In the same way that boards are tasked with ensuring appropriate financial governance and due diligence, cybersecurity is part and parcel of carrying out fiduciary responsibility to shareholders and managing business risk. Cyberattacks do not simply take down a website. They can completely shut down business processes and, worse still, hold a company’s entire IP or customer database for ransom,” explains chief executive officer at SLVA CyberSecurity, Patrick Evans.

The good news is that Evans sees that the gap of understanding between operational managers and the C-suite is closing. However, a lot of work needs to be done and perhaps the approach from those responsible for cybersecurity needs a rethink.

“The first and most crucial step for executive-level management is to view cybersecurity as a strategic business enabler. This shift in approach can empower a business to achieve long-term sustainability and the confidence to pursue innovation and new areas of growth. With an understanding of the economic drivers and impact of cyber risk, executives can better and more carefully align cyber risk management with business needs. And, by incorporating cybersecurity expertise into board governance, businesses can ensure organisational design supports cybersecurity,” SLVA’s CEO says.

For instance, as Evans outlines above, a C-suite team that does not understand the economics of cybersecurity might opt to pay a ransom when hit by ransomware. However, research has shown that paying a ransom is a bad idea because it signals to attackers that they can simply hit your firm again and expect a payday.

Taking cybersecurity seriously also signals to customers that they are safe when interacting with your firm.

“It’s evident that people and organisations want to engage with businesses that are secure and that the pendulum of purchasing power will land in favour of businesses that take the ever-present threat of being compromised seriously. In a digitally connected world, organisations are now making sure companies are secure by design before signing the dotted line. The other side of the same coin is that businesses which are secure by design now have a built-in sales and marketing advantage that will win them contracts in new markets and the lion’s share of contracts in existing markets – placing cybersecurity firmly in the territory as a business enabler and well beyond the current, reluctant view of it being a necessary cost,” Evans explains.

Part of this includes how incidents are handled. Those in the C-suite should be able to answer a number of questions with confidence including:

  • Are you confident the incident is fully contained?
  • How did the attackers gain access?
  • Are there measures being put in place to prevent this from happening again?

The best way to answer these questions is to have experts on board who have made securing the business part of their day-to-day lives. Beyond this, however, the C-suite has to engage with this team regularly to fully grasp what risks are out there and how mitigation can be accomplished.

To answer the question posed above, then: yes, the C-suite takes cybersecurity seriously, but perhaps it’s best for these decision makers to acknowledge that they aren’t experts and need the guidance of those who are.

[Image – Benjamin Child on Unsplash]
