Cyber-Risk Assessments: the vaccine for companies in the Fourth Industrial Revolution.

Technology continues to play a critical role in shaping the global risks landscape for individuals, governments and businesses. According to the World Economic Forum Global Risks Report 2020, cyberattacks are ranked as the second risk of greatest concern for business globally over the next 10 years.

Cyberattacks on critical infrastructure - rated the fifth top risk in 2020 by the expert network - have become the new normal across sectors such as energy, healthcare and transportation. This confirms a pattern recorded in previous years, with cyber risks consolidating their position alongside environmental risks in the high-impact, high-likelihood quadrant of the report's Global Risks Landscape.

The cyber attack surface (the totality of all information system and internet exposure) is growing at a rapid pace. In parallel, inherently borderless cybercrime is impacting victims around the globe, with the authority of law enforcement often constrained by jurisdiction and the limitations of legal processes serving to request information beyond national borders. Moreover, cybercrime-as-a-service is a growing business model, as the increasing sophistication of tools on the Darknet makes malicious services more affordable and easily accessible for anyone.

In this context, a cyber-risk assessment is crucial to any organization's risk management strategy. A cyber-risk assessment provides an informed overview of an organization's cybersecurity posture and provides data for cybersecurity-related decisions. A well-managed assessment process prevents costly wastes of time, effort and resources and enables informed decision-making.

Many jurisdictional instruments, including the European Union General Data Protection Regulation (GDPR) and the Data Protection Act (DP A) 2018 in the United Kingdom, require risk assessments to be conducted. Any organization with a digital footprint should have an understanding of their cyber preparedness to ensure that the leadership does not underestimate or overlook risks that could cause significant damage.

CYBERSECURITY-FOCUSED

Yet today, cybersecurity awareness is largely insufficient and there is no standard approach among investors and corporate leadership for evaluating the cybersecurity preparedness of their own, or their portfolio of companies. A cybersecurity-focused culture, based on cyber expertise and awareness, is vital to prioritizing cybersecurity in the investment process.

Including cybersecurity risk...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT