More than three decades ago, I attended the CIA’s first ever “computer operations course”. I learnt there that people, not technology, are the weak points in the realm of cyber risk.
This is a lesson I was reminded of recently with the revelation of a significant data breach at Capital One Financial. However, many executives continue to ignore the fundamental principle of people-centric digital risk. As technology evolves, the adversary is not a virus or a bot-net, but a person or group of people who use digital technology in alternative, often illegal, ways. Yet so many leaders default to simple technical solutions, and fail to understand the multi-dimensional nature of digital risk.
The introduction of 5G and the advent of artificial intelligence will turbocharge the internet of things, amplifying the cyber threat. With corporations and governments continuing to cut costs by shifting to the cloud, the exposure of even the most diligent organisation rises exponentially.
There are valuable lessons to be learnt from executives who have embraced the challenge of learning about the threat and taking decisive action. First, they accept that digital risk may be the most…