As new technologies continue to enhance all aspects of our connected lives, the cyber security risks are maturing as well. These risks are becoming more and more complex, and all the implications associated with a cybersecurity breach are becoming more serious. In many instances, the technology organizations use to protect themselves have failed to keep pace with the speed and agility of modern threats, resulting in $445 billion dollars worth of damages from cybercrime in 2015 alone. Security is no longer an issue that neatly rolls up to the CISO. The conversations around security are essential to the overall success of the enterprise.
Even with the large impact that security related events have on corporations profitability, it hasn’t seemed to be enough to push the conversation to the highest levels within organizations. According to a new report from NASDAQ, many board members and execs do not feel a high level of accountability for security incidents. In addition, 98% of highly targeted organizations are not confident that they track all devices and users on their networks. This poses a slew of potential risks which is a serious problem.
Even with daily headlines from the latest cyber attacks, there is a disconnect between personal and organizational accountability when it comes to the protection of a company’s most sensitive data. For example, only 9% of highly vulnerable board members said their systems were regularly updated in response to new cyber threats. This sounds like another problem, one that will lead to a lot of security incidents in the future for many of these companies.
“There are two implications of combining a low level of readiness and a low level of awareness in relation to cybersecurity vulnerability: the first is that you’re inviting trouble; secondly, you may already be in trouble and not know it.”
– Ben Hammersley The Times, BBC, Wired UK & Netflix
For the modern security professional, the decks are stacked against them as even their senior leadership seemingly do not care, or do not know what to think when it comes to cyber security. Whenever you invest in anything you want to hedge your bets or make sure you have policies in place to protect your assets. Much like how email was used a decade ago for phishing, and still is for an array of cyber attacks, social media is the new cyber battleground. The recent shift to social media for customer success, branding, marketing and more, has already caught the eye of cyber criminals trying to wreck havoc on your enterprise. Covering all of your bases is the least you can do to harden your security posture. Security incidents are seemingly inevitable, and that’s certainly true if you do not have the proper systems in place and the right people in the know.