Cybersecurity

An Approach 'Essential To Creating Robust, Sustainable Cyber Security'

James Goepel: In my experience, most organizations relegate cyber governance to the I.T. staff because their leadership sees cyber security as a technology issue. These leaders fail to appreciate that a cyber security incident can have a profound impact on the organization’s bottom line. From substantial fines and penalties imposed by regulations like Europe’s GDPR, which amount to 4 percent of an organization’s global revenue, to the cost of remediation, data breach notifications, lost business, loss of brand reputation and lost intellectual property, a single cyber security incident can quickly force an organization out of business.  

We need a cultural shift to a point where organizations finally treat cyber security risks as a business issue and govern cyber security with the same level of leadership engagement as financial risks. The leaders’ participation is critical, because only the leadership has the knowledge and visibility to define the organization’s budgets, priorities and, ultimately, its risk tolerance. This leadership-driven, business-focused approach to cyber governance is essential to creating robust, sustainable cyber security.