But with this explosion of data and interconnectedness, this has also expanded the opportunities for crime. The new information openness of enterprises is being used to steal intellectual property, the “identities” of customers and to subvert or shut down operations. The losses from these attacks can be large. Businesses must approach cybersecurity as they approach other risks entailed by their business activities.
In our Point of View, A New Approach to Cybersecurity: Leveraging Traditional Risk Management Methods, we explain how to take a science-based approach to cyber risk management by quantifying the cost of cyber risk, viewing cyber risk from a cost-benefit lens, and factoring cyber risk into strategic decisions. In other words, cyber risk must become an issue not just for the IT Department but for Risk, Finance, business heads, and indeed for the CEO and the Board.