Ireland is becoming a global hub of the technological ecosystem and is facing more cybersecurity challenges than ever before. Additionally, the increasing use of hybrid working models that have developed during the COVID-19 pandemic means that the economy is more reliant on technology and cyber services than ever before.
Along with this dependence on cyber technology, cybercrimes such as the rapid distribution of malware, targeted phishing and theft of personal information are becoming increasingly common. Technology has become such an integral part of a business that crimes committed through digital channels are creating fundamental problems. Mitigating them requires cybersecurity planning in terms of people, process and technology. Cybersecurity is the all-encompassing term for the protection of information and network systems, cloud platforms and software from infiltration or misuse by third party actors.
The key fundamentals to addressing cybersecurity risks is to break the risks into separate domains. For example:
- Developing a Cyber Strategy
- Managing Threats and Vulnerabilities
- Cyber Incident Response
- Ensuring Data Privacy and Protection
- Managing Governance, Risk and Compliance
- Safeguarding Digital Identity
- Forensics and eDiscovery
Cybersecurity can be the enabler of effective Governance. Organisations need an enterprise-wide view of how effective their cyber security controls are operating. Using industry-standard frameworks like ISO 27001 or NIST, businesses can ensure they implement controls to reduce the risk of cybersecurity incidents of all types. This can lead to more effective visibility of assets, threats to your business as well as establishing the basis of a response to an incident.
A key part of managing cybersecurity risk is third party risk management (TPRM). This involves an organisation understanding its suppliers, how they interact with the organisation and its networks and how mature a supplier is in dealing with a cybersecurity risk. The weakest link in the cybersecurity chain, may be a supplier for instance.
A robust cybersecurity can be an enabler for a business and support business growth, through allowing a business to be digitised in a controllable manner. It is also at the forefront of CEO’s minds, in how to prepare for and respond to a cybersecurity incident.
Author: Neil Redmond, Director of Cyber at PWC. Neil graduated in 2004 on completion of the DCU Executive MBA