Nearly half of IT and business leaders said that the expanding attack surface is “spiraling out of control.” But throwing even more tooling and people at the issue doesn’t address the underlying problem, which lies in a disconnect between the teams, processes and tools that a CISO probably already has in place.
A new poll from Deloitte finds there is an immediate and significant cyber risk from "harvest now decrypt later" (HNDL) attacks, in which attackers steal encrypted information and simply sit on it until quantum computing advances make it trivial to crack.
The best way to deal with vulnerabilities is to do what you can to prevent them from happening in the first place. Oftentimes, cyber risk can be managed even through simple and basic security hygiene practices.
WEF's newly released principles for board governance of cybersecurity offer a base of best practices for dealing with increasing cyber risk, with a new element being an emphasis on an organization-wide focus.
Cyber risk is ready to join the realm of Enterprise Risk Management, and it must in order to prevent the surprise shock of massive financial impact from cyber events.
While 79% of respondents in a recent Marsh and Microsoft survey ranked “cyber risk” as a top risk management concern, only 17% of C-suite or board members spend more than a few days per year focusing on it.