Cyber Security does not "just happen". It's a result of business leadership understanding the digital threats to the business and taking specific, concrete actions to mitigate associated risks. These actions may manifest in the deployment of cyber defense technologies, training, business policy and protocols for engaging with the 3rd party partners that every business requires to be successful. The more thoughtful and thorough that "understanding", the more likely a business will take the necessary steps to proactively take the actions necessary to be cyber security. The biggest mistake an enterprise can make is to assume they are not a target or to underestimate the consequences of a successful cyber attack. In this month's RSA Conference blog, we tackle some of the issues and implications of cyber security, from a Governance perspective. Hint, it's not just your systems, networks, and people. It's about everyone and every place your business and people conduct business..
| less than a minute read
Cyber Risk Management Has More Work to Do
Reliance on third-party vendors has never been more widespread. A recent study by Ponemon Institute estimates that the average company shares confidential information with 583 third parties. And if a third party processes data on behalf of an enterprise, it is the enterprise—not the third party—that is held accountable