Companies can no longer afford to look at cybersecurity in isolation. Digital transformation means that cybersecurity risks must now be devolved to all sectors of the business, rather than being the sole responsibility of the chief information security officer (CISO).
Speaking at The Telegraph Cyber Crime Summit sponsored by IT firm DXC, Daniel Baker, DXC’s general manager, Security, UKIIMEA, said that cybersecurity “cannot exist in an ivory tower”, especially with the prevalence of cyberattacks. “CEOs don’t look at cyber-risk any differently than they look at any other type of business risk,” he said.
“Talking about business risk management is the right way to elevate cybersecurity issues,” said Will Harvey, the Government’s head of cyberdefence. “It forces security practitioners to talk in terms of business impact.”
Learning to prioritise
Inevitably, how companies view risk varies considerably, with many using the…