The Institute of Enterprise Risk Practitioners (IERP®) is the world’s first and leading certification institute for Enterprise Risk Management (ERM).

Image Alt

IERP® International Institute of Enterprise Risk Practitioners

  /  Blog   /  Increasing need for CyberSecurity awareness in companies

Increasing need for CyberSecurity awareness in companies

Technology is truly a double-edged sword. You can’t live without it in today’s business environment but living with it invariably entails coming to grips with all its attendant risks – and there are many! Imagine how liberating it would be, if technology was allowed free reign in support of business – how far commerce could go, and how convenient doing business could become. Unfortunately, we don’t live in a perfect world, and business is not the ideal environment for the democratisation of technology, as many companies have realised, to their detriment.

What most firms fear today is not so much the advancement of technology (will droids take over our jobs?) but the disruption that results from having become too dependent on it. Cybersecurity is gaining traction because more and more businesses are recognising the irony of how the component expected to boost business may also be the major cause of its downfall. Rare is the company today that does not have a website but this is often the best way into an organisation’s network. To those who are intent on breaching the system, this is like an invitation to a buffet!

So what can companies do to protect themselves from such breaches? The first step is to identify what and how much confidential or valuable information the company has; the second is where the major risks stemming from the exposure of this information may lie. If all your company information is “out there” and your business runs little risk of being affected if everyone knows it, then there is less to fear. But if you can only afford to be transparent about some things and need to keep others safe and confidential – such as patented industrial designs, proprietary source codes or secret recipes, for instance – then cybersecurity is a must.

One of the less savoury aspects of technology is that it has helped to expedite crime. Thieves today don’t just swipe the extra change from the till; they are cybercriminals who get into your offshore bank accounts and clean you out to the tune of millions. Fraud, corruption, insider trading and other white-collar crimes are at an all-time high, aided and abetted by technology. Cybercrime includes data breaches, identity theft, online fraud and credit card scams, just to name a few. More alarmingly, syndicates and organised crime have also started applying technology to expand their networks; crime is crossing physical boundaries with relative ease.

Hackers in one country can access sites on other continents; cybercrime is not constrained by physical boundaries. It is usually quick, anonymous and extremely painful; sometimes racking up millions in damage, and paralysing networks. Hacking has also been known to render physical equipment useless and trigger denial of service incidents that disrupt and can bankrupt businesses. With cybercrime apparently so prevalent, what can companies do to protect themselves? There are some common-sense measures that can be taken before the big guns are brought in.

Firms need a cybersecurity policy, and should inventory their information assets to determine which may be vulnerable to cyberattack. Proper documentation is imperative. Update records and identify who is responsible for information safety and maintenance. Update old or obsolete technology, and make sure the new or updated items come with appropriate security. Increase staff awareness, and educate them on what to do in the event of a security breach or cyberattack. Make cybersecurity issues a part of the risk culture that you want to develop in your organisation. Turn everyone in the firm – from the Chairman of the Board to the Tea Lady – into a Cyberpolice Squad!

    Name (required)

    Email Address (required, business email address only)

    Mobile Number (required)

    Company (required)

    Designation (required)

    Preferred Contact Method: (required)

    CallEmail

    What is the biggest challenge in your job/industry

    Which modules are you interested in? (required)

    Managing ESGMechanics of ESGEnterprise Risk Management

    Message

      Name (required)

      Email Address (required, business email address only)

      Mobile Number (required)

      Company (required)

      Designation (required)

      Preferred Contact Method: (required)

      CallEmail

      What is the biggest challenge in your job/industry

      Message

        Name (required)

        Email Address (required, business email address only)

        Mobile Number (required)

        Company (required)

        Designation (required)

        Preferred Contact Method: (required)

        CallEmail

        What is the biggest challenge in your job/industry

        Which modules are you interested in? (required)

        Evaluating Risk and Internal ControlCorporate GovernanceEstablishing a Cybersecurity FrameworkEnterprise Risk Management

        Message

          Name (required)

          Email Address (required, business email address only)

          Mobile Number (required)

          Company (required)

          Designation (required)

          Preferred Contact Method: (required)

          CallEmail

          What is the biggest challenge in your job/industry

          Message

            Name (required)

            Email Address (required, business email address only)

            Mobile Number (required)

            Company (required)

            Designation (required)

            Preferred Contact Method: (required)

            CallEmail

            What is the biggest challenge in your job/industry

            Which modules are you interested in? (required)

            Digital Risk Management and DisruptionMechanics of CyberSecurityEnterprise Risk Management

            Message

            User registration

            Reset Password