ABSTRACT
Hacking and other cyber threats are increasingly recognised as of strategic importance to organisations. It’s not just personal data about customers or employees that can be affected by a cyber breach. IP can be stolen or corrupted. Internet-connected machines can be damaged. Personal reputations can be destroyed. Large sums of money can be lost. The best talent can be deterred from joining.
Managing cyber security requires a highly structured approach that reaches across the organisation, not just the IT department. It needs to embrace people at every level as well as stakeholders such as suppliers, contractors and even customers. It needs to start with people – ensuring they have the right knowledge as well as a culture of security. It needs to address processes, ensuring the right rules and guidelines are in place, supported by management processes and monitoring. And finally (but only after people and processes have been addressed), it needs to ensure that appropriate technology is in place 174to support security. It is only organisational leaders who can make sure this holistic approach is effectively implemented.
