Your new post is loading...
“Even those that spend significant dollars on security … are the ones that are consistently being compromised and reported on,” he told Digital News Asia in Singapore recently.
This is because organisations are not paying enough attention to the entire cyber risk equation, which includes not just the technology being deployed to mitigate risks, but also culture, people, processes and ‘third parties.’
“Technology itself cannot fix the problem,” O’Rourke said, adding that “third parties are now emerging as one of the more difficult ones.”
Third parties are the ‘cyber-ecosystem’ of a business, from its contractors to connected parties in its supply chain.
To protect themselves from the risks that these third parties bring into their systems, they have to look at governance and culture.
“Governance is ‘who owns the problem?’ ” O’Rourke said. “The CIO (chief information officer) can help, but unless the business itself understands the risk, it will never fix the risk.”
And when it comes to culture, a big factor is education.
Learn more:
https://gustmees.wordpress.com/2012/07/11/cyberhygiene-hygiene-for-ict-in-education-and-business/
https://gustmees.wordpress.com/2012/05/03/update-your-third-party-applications/
Learn more:
https://gustmees.wordpress.com/2012/07/11/cyberhygiene-hygiene-for-ict-in-education-and-business/
https://gustmees.wordpress.com/2012/05/03/update-your-third-party-applications/
https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/