Cyber security should be owned at the top, says IT Governance


In a campaign to improve businesses’ understanding of emerging cyber threats and the ways to combat them, IT Governance is challenging business leaders and owners to take ownership of the cyber security issue in their organisation.

Alan Calder, Founder and Executive Chairman of IT Governance, says, “Any organisation, no matter how big or small, is at risk of attack. Cyber criminals are after every valuable piece of information that can be sold or used to steal money directly – from intellectual property and financially sensitive information to payment card details and personally identifiable information.”
Calder continues, “Cyber security is part of the governance structure of an organisation and therefore should be owned at the top. It is the responsibility of the board to set the direction for a management-driven and business oriented cyber security strategy.”
Cyber criminals today don’t need to target specific individuals or organisations to be successful; often it is easy enough to steal data by exploiting known vulnerabilities of software, applications and systems that the individual or organisation is using.
The Global State of Information Security® Survey 2014 revealed that an increase in incidents, combined with a concurrent rise in the volume of business data being shared digitally, resulted in a proliferation of data losses: 24% of respondents reported loss of data as a result of security incidents. This included employee records (35%), customer records (31%), internal records (29%) and identity theft (29%).
Some companies may not even realise that they have been breached until the attack is discovered by a third party. (92% of incidents were discovered by third parties according to the Verizon 2012 Data breach Investigation Report.)
Calder says, “Best practice security frameworks such as the international information security standard ISO27001 offer the best guidance available for implementing cyber security from the top down. Moreover, ISO27001 provides a benchmark for assessing your cyber security status against the standard requirements. It is the perfect tool for a business-driven strategy”.
IT Governance offers an ISO27001 Foundation Training course that is suitable for business leaders to understand more about the benefits of using ISO27001 to improve cyber security within their organisation.
Alan Calder will deliver a webinar entitled ‘How to be cyber secure: 10 mission-critical steps for business leaders and owners’ on 25th March 2014. Register here:
This website uses cookies. View our cookie policy