A New Approach to Cybersecurity

Businesses must exchange information with many different external bodies from current and prospective customers and suppliers, to government agencies and joint venture partners. This communication was once slow and expensive for both parties. Now with the advances of electronic connectivity and data storage, the exchange of large quantities of information is cheaper and quicker than almost anyone imagined possible 30 years ago.

But with this explosion of data and interconnectedness, this has also expanded the opportunities for crime. The new information openness of enterprises is being used to steal intellectual property, the “identities” of customers and to subvert or shut down operations. The losses from these attacks can be large. Businesses must approach cybersecurity as they approach other risks entailed by their business activities.

In our Point of View, A New Approach to Cybersecurity: Leveraging Traditional Risk Management Methods, we explain how to take a science-based approach to cyber risk management by quantifying the cost of cyber risk, viewing cyber risk from a cost-benefit lens, and factoring cyber risk into strategic decisions. In other words, cyber risk must become an issue not just for the IT Department but for Risk, Finance, business heads, and indeed for the CEO and the Board.