Newsletter | Volume 1

Issue I
Issue II
Issue III
Issue IV
Issue V
Issue VI
Issue VII
Issue VIII
Issue IX
Issue X
Issue XI
Issue XII
Issue XIII
Issue XIV
Issue XV
Issue XVI
Issue XVII
Issue XVIII
Issue XIX
Issue XX
Issue XXI
Issue XXII
Issue XXIII

click here to

Subscribe to our newsletter



To Unsubscribe click here

IT-GRC is on the corporate 2016 agenda because big data, internet of things and cloud computing can create unsafe IT and cyber security breakdowns

A significant number of Information risks components are on the management agenda because cyber-attacks command management's attention: Managing digital assets in a new socio-technology environment will explore how businesses assess and manage information risk because all organisations have sloppy employees.

Just as technology has transformed cloud and big data into a valuable business asset, outsourcing, cloud computing, social media, "design adapted device" and other technology-enabled business trends to suggest that information is increasingly being dispersed across the globe and global transactions within the corporation.

Cyber-attacks related to Information risks
Now the biggest obstacle to raising the priority of information risk is a lack of understanding of the issues. More than three-quarters of respondents from a recent survey think that information risk can typically be mitigated by technology fixes to hardware and software.

The focus on cyber-attacks and Information risk in the new technology landscape is focused on implementing more equipment and technical fixes. This approach intimidates and overshadows the vital role that employees and discipline play in both mitigating and creating IT Security risks.

Awareness of information risk does not extend to the business. Most companies are failing to create a culture of knowledge of IT security:
  • Only 27 % of the report a substantial understanding of information risk across the organisation. The most knowledgeable departments are IT and finance, where the core ---most critical information is thought to exist.
  • 57% believe that the small level of awareness of the organisation is equally true vertically: the importance of protecting information has not been a tone-at-the-top issue and, therefore, has not filtered down to lower levels of the business.

Managing IT and digital assets.
Workshops, training and seminars increase the awareness of being prepared. (see: http://www.riskability.org/2016/it-security/index.htm) Still up to 40% of CEO and CIO's require proper training and guidance on the actions to be taken, after the information has been lost or stolen.
  • One in four respondents, on the other hand, has enough knowledge, training and experience to take the lead in the event of an IT Security breach.

Copenhagen ComplianceŽ continues to foster collaboration and information sharing are encouraged thru the IT Security seminars and workshops:
  • 62% of respondents to our survey are looking to governments and regulators to take a larger lead in information risk management.
    • The primary concern is to promote knowledge sharing between companies on potential cyber-attacks.
  • 68% of respondents would appreciate greater regional harmonisation of the rules surrounding data security.

Therefore, we recommend that in-house IT-Security training, education, workshops and seminars is the answer so that all employees feel prepared. It seems that senior business leaders apparently focus on other issues and problems and, therefore, are ill-prepared for a loss of information at their business. Please note that nearly half of all organisations have experienced a loss of information, assets or IP in the past two years due to cyber breaches.

For more information, guidance and implementation templates see: http://www.riskability.org/2016/it-security/index.htm