WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Traditional approaches to cybersecurity ‘no longer work’

Traditional approaches to cybersecurity are no longer working and organizations that fail to update their strategies run the risk of significant financial and reputational damage. This was the major insight from the inaugural IT Leaders’ Roundtable events hosted by Protiviti and Robert Half Technology, which were attended by chief information security officers (CISOs) from a range of private and public sector organizations.

The main challenge lies in communication between CISOs/IT and the board, reported attendees. While boards of directors are aware of the risks associated with cyber crime, partly because of recent high profile attacks in the news and partly because of guidance from GCHQ and other government bodies, they tend to view expenditure on measures to tackle cyber crime as overheads, rather than risk mitigation.

Attendees also reported that their boards were experiencing fear, uncertainty and doubt (FUD) fatigue and tended to believe that they could get away with current protection against cyber attacks – despite the fact that the world has changed significantly because of social media, mobile and cloud technology.

Ryan Rubin, managing director and leader of Protiviti's UK Security and Privacy practice, commented: “Traditional approaches need to change to reverse the trends and help mitigate risk. The average cost of a data breach is $250 per record – and there are mounting expectations that a company will do something for customers whose information have been compromised. As well as reputational damage, companies can face costs that escalate very quickly.”

Charlie Grubb, associate director, Robert Half Technology added: “When we asked about the quality of information exchange around cybersecurity between IT and the board, organizations reported that this was mostly limited and reactive, rather than ongoing. The delegates’ experiences suggest that IT security professionals need to develop skills beyond their technological knowledge – the most successful will be those who are able to explain the impact of cybersecurity risks to the board in language that they understand.”

http://www.roberthalf.co.uk

•Date: 26th May 2014 • UK/World •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here