Resilience, collaboration and engagement will be essential for organizations wishing to weather the devastating cybersecurity “storm” already engulfing the world, experts argued at Infosecurity Europe this morning.
During a lively panel discussion on the first day of the show, Jen Ellis, co-chair of the Anti-Ransomware Commission, argued that billions of dollars a year are disrupting food and energy supply chains and impacting healthcare systems across the planet. warned of cyber threats of scale.
“This is not a storm brewing. We are already in that situation,” she insisted. “Given the attack surface, the technical debt we’re building, and how difficult it is for the people in this room to meet that challenge, I think we’re in for a storm. But that doesn’t mean we should give up, it just means we have to work together.”
For more information on cyber resilience, 18 oil and gas companies have made pledges on cyber resilience.
Nick Prescot, CISO at Norgine, says organizations need to prevent breaches as much as possible, but be realistic and focus on proactive measures to improve incident response, such as regular tabletop exercises argue that there is a need.
He added that collaboration with executives is key to ensuring buy-in for important projects and ensuring cybersecurity is not treated as a siled technology function.
“This tends to get in the way. [of good security] But things are changing,” Prescott said. “We have been doing complex cyber assessments for years, and suddenly [the board] People are getting more attention and I find that very interesting. ”
CISOs can get their point across by ensuring that “never a good crisis goes to waste” in discussions with the board, Ellis added. That could mean using a topical issue that is gaining management attention, such as the threat of a Russian state-sponsored cyberattack, as a starting point for discussions about cyber and business risks.
A proposed SEC rule that could require an expert in the cybersecurity field to join the board would also help change the way business leaders view security, said Fene, head of technology and digital assurance at Wellcome Trust. Osakwe explained.
He said that better industry collaboration is needed for organizations to become more cyber resilience, but that will require a trusted third party, such as a government agency, to create the right framework first. He added that it could be.
“A devastating cyber storm is brewing. Can we do anything to stop it? I think the answer is no. But we can manage it,” concluded Osakwe. rice field.
“We are moving from a cybersecurity strategy to a cyber resilience strategy. It is no longer about preventing it from happening. It is important to be able to continue active activities.”
