Attackers are exploiting systemic weaknesses in digital business systems in new and creative ways. Cybersecurity approaches need to recognize this shift and adapt to the catastrophic and compounding effects of the systemic risks now threatening businesses and critical infrastructure.
Systemic risk in cybersecurity is the inherent risk that exists within complex digital business systems. It’s the threat of risk spreading into a business from connected third-parties or out of your business into others. It’s also the threat of one part of a digital business system going down, which then cascades and has a much larger negative impact on the extended system.
Hackers are now pinpointing and exploiting targeted parts of complex systems for this reason. Understanding and protecting the “crown jewels” has been staple cybersecurity advice. While, protecting “crown jewels” is still important, it is no longer good enough. It’s now also necessary to understand and protect against systemic risk, which can start from an asset that is not considered a “crown…