Cybersecurity – What are the risks?

With changes to working culture, and more people working from home than ever, businesses can see the importance of cybersecurity across their workforce.

In the end, cybersecurity is an enterprise-wide issue. It is often chalked down to an “IT problem”. Cybersecurity affects us all, even in our everyday lives. You see it in the media, on your phones, laptops, desktops tablets – as the world grows with technology, so do the potential threats we face. Hackers and scammers are savvy and can use technology to their advantage just as we can use it for ours in work and in life.

So, what can we do?

Identifying the risks and potential threats from cybersecurity and implementing processes to mitigate the risks is imperative to the resilience of a business.

The National Association of Corporate Directors (NACD) in the US put it very well in their Cyber-risk Oversight Handbook when in Principle 1 (of 5) they state “Directors need to understand and approach cybersecurity as an enterprise-wide risk management issue, not just an IT issue”.

Cybersecurity is more than just keeping the bad guys out.  It’s more than firewalls and intrusion detection, more than just spyware and malware. It’s about protecting integrity. It’s making sure that the data your published reports are based on is accurate and unaltered. Cybersecurity is about people, their behaviour, sometimes careless and sometimes malicious. It is also about prioritisation: what matters most, and which information needs the most protection?

forward thinking imagery

What does “cyber” mean?

The word cyber could, depending on the context be replaced by: Computer, computer network, virtual or simply “digital”. However, keeping information secure and private is not new.  What is new is the multiplicity of ways (“Threat vectors” in IT-speak) that can be used to access the information.

Where are the Threats coming from?

Threats can come from anywhere, so being vigilant in your risk management is key. Threat sources include:

  • Aggressive competitors
  • Criminal Organisations
  • Hostile Nation States
  • Hackers and Hacktivists
  • Disgruntled employees

And more

What are the Vulnerabilities?

Being aware of where you are vulnerable to attack is key. Knowing what could be targeted can help build a solid defence. For the typical organisation the vulnerabilities include:

  • Unpatched flaws in operating systems and programmes
  • Unwitting employees who are unaware of the methods employed by those who would steal / corrupt your data.
  • IT System Misconfiguration. Akin to leaving the back door open.
  • Mobile Devices, whether under your control or not under your control they provide an access point to your information.
  • Supply Chains / Service Providers who have poor cyber defences can offer an easy route to your information.
  • Storing data in the cloud. Do you know how secure it is?

The Risks

The risks are what threatens the confidentiality, integrity, and availability of your information. They include, but are not limited to the following:

  • Denial of Service attack. Attacking your systems in a manner that prevents legitimate users from accessing your information / systems.
  • Encrypting your data and demanding payment for the decrypt key.
  • Data breach. Can be external or internal.
  • Data changed / manipulated maliciously. Could impact key decisions.
  • Stealing information and routing it to external parties.
  • Identity theft. Criminals masquerading as clients.

compliance, relations and standards graphic

The Solution: Manage the Risks

The wide range of threats, vulnerabilities and resulting risks means that the solution requires a combination of preventative and mitigation measures. As you would expect many of these have an IT component, but many are dependent on human behaviour and a sound corporate culture. By managing these risks and being aware of potential threats, you can nip these in the bud.

If you want to know more on how manage cybersecurity risk management in your organisation be sure to join us for our free webinar on March 15th at 10:30am, just register on the CalQRisk website.

You can also check out the Cybersecurity section of our latest Risk Management and Resilience White Paper, which has helpful tips on implementing risk management for your business. It is available for free on the CalQRisk Website

 

 

 

Recent News

forward thinking imagery

Incident vs Crisis

Not every incident/event is a crisis, but it can have the potential to become a crisis if not ...
Read More
Logging in to attend a CalQRisk webinar

Operational Resilience vs Business Continuity 

At first glance, you might think Operational Resilience is just Business Continuity (BC) by another name, but there ...
Read More
Central bank of ireland building

Assessing your Outsourcing Governance Framework

In March 2022, the Central Bank of Ireland fined BNY Mellon Fund Services €10.78 million for 16 regulatory ...
Read More
laptops on a table doing risk reports

Cybersecurity – What are the risks?

With changes to working culture, and more people working from home than ever, businesses can see the importance ...
Read More
IWD2022 employee spotlight

International Women’s Day Spotlight – Fiona Kiely

It's International Women's Day and today we would like to shine the spotlight on our very own Fiona ...
Read More
risk assessment

10 Key Steps to getting Operational Resilience off the ground

It can seem daunting to begin a brand-new process for your business. However, risk assessments are an easy ...
Read More
CalQRisk and CUMA

CalQRisk at CUMA Spring Conference

CalQRisk will be attending the CUMA Spring Conference & AGM 2022 – “Changing Landscapes” The conference takes place ...
Read More
regtech 100 2022 badge

CalQRisk included in the RegTech 100 List

Now in its fifth edition, the list recognises the world’s most innovative technology solution providers that offer products ...
Read More
risk management cogs and gears of plan

Thematic Review of Risk Management Maturity – Summary of Key Findings

Thematic Review of Risk Management Maturity – Summary of Key Findings Earlier this year, the Central Bank of ...
Read More
Sunday Business Post Logo

Business Post – Improving the Odds

We were delighted to be featured in the Business Post recently. In the article, our CTO discussed the ...
Read More