Cybersecurity is a CEO issue

by Bill Archer - December 11, 2017

News of recent high-profile cybersecurity breaches have created real fear among senior management across sectors. When even the world’s most respected institutions are being compromised, it seems only a matter of time until every organisation falls victim. But this doesn’t mean that Irish management teams should panic.

It does mean, however, that cybersecurity needs to become a CEO issue, if it isn’t already. This November, for the second year in a row, eir Business is the title sponsor of Dublin Information Sec 2017, alongside Cisco. We’re throwing our weight behind this conference because we believe it’s one of the most essential in the calendar and plays a vital role in raising awareness at all levels of Irish organisations, the boardroom especially.

We live in a networked world and cyber criminals don’t limit themselves by geography: cross-border attacks are common, and the network is the vector. That’s why at eir Business we don’t just provide network services, we provide security services that help protect your network and your business, covering everything from vulnerability scanning and penetration testing to security incident response.

Cybersecurity needs to be tackled holistically at board level

As management begins to look at the cybersecurity question in some detail, my hope is that CEOs will truly appreciate that this is a challenge at the macro level. As Andy O’Kelly wrote recently, a range of powerful new network level security technologies, including smart new automation, allow organisations to fight back. Budgets, too, are increasing as cybersecurity becomes a spending priority. But more technology, and more budget spend on it, isn’t the only solution.

The recent Data Solutions survey was one of several to reveal that this is a multifaceted issue: outdated systems within an organisation pose a threat, and many employees lack basic awareness of cybersecurity hygiene. Nearly a third of those surveyed said they believe their organisation is incapable of protecting itself against emerging threats.
Additionally, the 24-7 nature of the threat means that an organisation may find its personnel overstretched as it tries to manage risk. The Cisco 2017 Annual Cybersecurity Report revealed that, of those companies surveyed, it’s normal to receive 5,000 security alerts daily, yet companies investigate just 56% of these, with the rest going unaddressed.

Upcoming regulation will change the cybersecurity landscape

The truth is that cybersecurity is a people issue, a technology complexity issue, and a budget issue. Here at eir Business we will be looking in some detail at cybersecurity and the multifaceted nature of the challenge over the coming months, as threats and the regulatory landscape both change.

Looking back at the recent high-profile breaches, it’s notable how slowly news of the attacks emerged. The EU’s General Data Protection Regulation (GDPR), which comes into effect May 2018, mandates that companies inform their customers within 72 hours of becoming aware of certain kinds of breaches, and significant fines may be levied for breaches of the regulation.

While this may seem onerous, information sharing is critical in the battle to tackle cybercrime, and to mitigate the risks it poses to companies’ revenues, reputation and customer relationships.

That’s why we hope you will join us in the RDS on 1 November at Dublin Information Sec 2017, an excellent opportunity to share information and meet the solution providers who can help with your risk mitigation program. Speakers include expert strategists and practitioners who have the latest insights on best practice in cybersecurity – which techniques are working, and which aren’t — in everything from cloud and IoT security to ransomware and DDoS attacks.

Please visit the following page for ticket bookings and more information about Dublin Information Sec 2017.

Bill Archer

connect on LinkedIn

Ready to get started?

Contact Us