Awareness. You must have stumbled across this word hundreds of times when reading about the issue of cyber security. The main point in many articles is that it is quintessential that today’s executives and decision makers in the private and public domain realize what is at stake. Because this awareness is the start of a safer world.
Well, I’ve got news for you. Lack of awareness is no longer the issue. Media reports on cyber incidents have been all over the place in recent years and these have served their purpose. As a consequence almost every executive now seems to be convinced that organizations need to invest in prevention, detection and response measures in the cyber domain. Cyber security has clearly secured a prominent place on the board agenda. Moreover, it is satisfying to note that many executives fully realize that acting out of fear for the consequences of an incident may not be the best way to react in this domain. A much better strategy is to build an effective risk-based approach, thereby taking a more proactive attitude.
Source: Compact 2016-3