Cyber Security

It's likely that most of the readers of this newsletter are aware of danger of cyber security threats. What we can't know, however, is whether all of you have incorporated cybersecurity into your business continuity and disaster recovery plans. It definitely should be a priority for organizations of all types. One attack could be severe enough to seriously damage or even close your business. Check this week's articles for more information on how to better prepare for and/or help prevent cybersecurity threats.

Do businesses understand that cybersecurity is the lynchpin for safeguarding their most precious assets -- intellectual property, customer information, financial data, employee records, and much more? (Item #1)     Here are five major trends in cybersecurity that you should have in mind when updating your InfoSec plans for 2016. (Item #2)     This article is meant to be a Panama Canal of sorts... a link between the two disciplines of BCP and cyber security, or cyber for short. (Item #3)    

The mounting threat of cyber attack should be a driving force for more enterprises to place it firmly within the context of business continuity planning. (Item #4)     Effectively managing cyber risk means putting in place the right governance and the right supporting processes, along with the right enabling technology. (Item #5)     It is imperative that you protect your systems from cyber threats -- the lifeblood of your organization depends on it. (Item #6)    

As always, I look forward to hearing about your concerns with regard to business continuity. If there are any topics that you'd like to see covered, email me at [email protected].

Bob Mellinger, President
Attainium Corp

1. Cybersecurity: The new business priority

Information security probably isn't something that gets a lot of executive attention. It's the CIO's job or the responsibility of his lieutenants. Yet every so often when scanning the headlines, news about the latest high-profile cyber attacks elevates your blood pressure as you wonder: Could that happen to us? What would be the impact on our business? How would we respond to customers and shareholders?
http://www.pwc.com/us/en/view/issue-15/cybersecurity-business-priority.html

2. Five cybersecurity trends to watch for 2016

We may welcome in the New Year with open arms, but we must also prepare for the cybersecurity threats ahead of us. The 2015 Cost of Data Breach Study from IBM and the Ponemon Institute put the average cost of a data breach at $3.79 million, and that figure is expected to grow in the year ahead. With the right resolutions, you can drastically reduce your chances of falling prey to cybercriminals.
http://www.networkworld.com/article/3019235/security/5-cybersecurity-trends-to-watch-for-2016.html

3. What Answers Do BC Planners Need from Their Cyber Security Team?

Some experts say there is a thin line between disaster recovery and business continuity planning (BCP). The first is owned by the computer operations or IT department, while the second is usually owned by the line of business. Unfortunately, BCP and cyber security are, more often than not, separated by a gulf larger than the distance between the Atlantic and Pacific oceans.
http://www.disaster-resource.com/index.php?option=com_content&view=article&id=2334:what-answers-do-bc-planners-need-from-their-cyber-security-team&catid=6:information-technology

4. Hurricane, Fire... DDoS? Make Cyber Threats Part of Business Continuity Planning

With the sudden increase of cyber attacks, as well as the evolution on the part of hackers all over the world, businesses and organizations are not nearly as prepared for cyber-attacks as they could or should be. Research indicates that just over half (51%) of network operators, who participated in an infrastructure security survey, don't regularly perform preparedness drills for cyber-attacks. It's the classic case of burying heads in the sand and thinking, "If I ignore it, it'll go away."
http://insights.wired.com/profiles/blogs/pick-your-poison-hurricane-fire-ddos-cyber-threat-needs-to-be

5. Cyber security: it's not just about technology

Cyber security is an important concern for every organization. Daily occurrences demonstrate the risk posed by cyber attackers -- from individual, opportunistic hackers, to professional and organized groups of cyber criminals with strategies for systematically stealing intellectual property and disrupting business. The management of any organization faces the task of ensuring that its organization understands the risks and sets the right priorities. This is no easy task in light of the technical jargon involved and the pace of change. Focusing on technology alone to address these issues is not enough.
https://www.kpmg.com/Global/en/IssuesAndInsights/
ArticlesPublications/Documents/cyber-security-not-just-technology.pdf

6. Cyber Risk Management Primer for CEOs

As a Chief Executive Officer (CEO), you understand that any disruption to your information systems can hamper your operations, slow your supply chain, impact your reputation, and compromise sensitive customer data and intellectual property. According to the 2013 Cost of Cyber Crime Study by the Ponemon Institute, the average annualized cost of cybercrime for organizations is $11.6 million per year, with a range of $1.3 million to $58 million.
http://www.dhs.gov/sites/default/files/publications/
C3%20Voluntary%20Program%20-%20Cyber%20Risk%20Management%20Primer%20for%20CEOs%20_5.pdf