Three Key Cyber Security Trends of 2019
When it comes to scaling in the current economic environment, companies are focusing on emerging technologies. This, however, is putting them at an increased risk of cyber attacks. A report by Deloitte says information security is currently the number one trend affecting business, the workforce, and customers.
Almost 40 per cent of private businesses state that managing cyber-security and information security risks will be the top investment priority over the next 12 months, says the report, “Technology in the mid-market: Embracing technology”.
Over the past few years, cyber attacks have been increasing at an alarming rate. A recent Frost & Sullivan study says the potential economic loss across large-sized organizations in Asia Pacific due to cyber-security incidents can hit a staggering US$30 million.
We asked Ed Powers, the US Managing Principal at Deloitte Cyber Risk Services, what companies should do in 2019 to fight cyber attacks.
Here’s what he had to say. Edited excerpts:
Going all out
As leaders prepare for the business challenges of 2019, it’s clear that cybersecurity presents one of the largest risks to the organization. Cyber is not simply a technology issue, but a strategic risk that impacts every facet of an organization. The ubiquity of cyber warrants full senior leadership engagement, greater cyber risk governance and management frameworks. Cyber is everywhere.
Our recent study, coupled with our own experience, shows that leaders are simply not doing enough to understand and mitigate these risk across the enterprise. In 2019, executives and board members should engage in cyber wargaming and scenario planning to understand their organizations’ greatest risks and practice their enterprise-wide response. The survey found that only 25 percent of organizations are engaged in these efforts. Further, only 30 percent of leaders describe themselves as highly engaged in cybersecurity.
Engagement is key
Senior leadership engagement is key to moving from merely identifying security threats and fixes to defining business impacts, governance methods, risk escalation steps, and organizational responses. Additionally, we found that many CEOs fail to hold their extended enterprise to the same risk standards as their own organization, despite leaders seeing IT providers as posing the greatest threat.
To better manage these relationships, they should have an approach where they consider cyber risk from the beginning of vendor procurement and include sets of security requirements and controls via contract.
To ensure the appropriate prioritization is given to cybersecurity in 2019, leaders must increase investments in cyber threat intelligence and analytics. Even though more board members than CEOs cite new technologies as a priority, our survey indicated that leaders are least likely to invest in improving threat detection.
Well-developed use-cases driven by priority-based threat intelligence can allow organizations to better detect and prevent malicious activity within the enterprise environment.
This story is part our special series on the new trends of 2019. To know what changes the workplace will see in the new year, click here.