The idea of creating a cybersecurity Centers for Disease Control focused on gathering information and disseminating advice has been around for years, but the government can only do so much.
The ability to act decisively, communicate clearly and keep teams focused is critical to leading successfully in and through a crisis. But even more critical is how they have “made ready” the organization long beforehand.
Critics and issuers should read this statement carefully and step back to see how it is constructed. It may actually serve as a good model for issuers' own procedures and disclosures on cybersecurity.
In a move that comes as no surprise, Equifax chairman and CEO Rick Smith has announced his retirement in the wake of a data breach that compromised the private financial information of 143 million people.
What’s the big deal around cyber risk? A data breach will immediately cause a free fall in stock price, taint the brand and call into question the competency of board and C-level leadership.
While all organizations are having difficulty finding cybersecurity talent, small and medium-sized enterprises are in a particularly bad position, as they cannot afford the high salaries that qualified cybersecurity specialists command.
Today’s employees require cybersecurity programs that go well beyond downloading “anti” software and monitoring networks and systems.
Physical disaster and cyber risk are often bedfellows after a disaster strikes, as cyber attackers are likely to make their move when a company’s IT staff and resources are consumed in post-incident recovery.
Would you microchip your own employees? And would they let you?
You can’t eliminate the threat, but you can limit your vulnerability.