In a hyper-connected world, no organization can be 100% secure.

Organizations need to ensure that they are secure enough to protect customer information and intellectual property and avoid potential lawsuits, brand damage and loss of shareholder value.

Five actions the C-suite will need to consider:

1. Identifying and quantifying the real risks. The technology risk management lifecycle is a process that:
   • Defines how the external threats specifically apply to the company
   • estimates their potential business impact
   • Defines the possible legal consequences
   • Considers the risk management options based on a cost/risk reduction analysis
   • Presents a prioritized financial-based set of risk management options for all relevant risks
   • Makes a business decision based on the company’s risk tolerance
   • Executes the decision


2. Protecting what matters most. Senior executives should champion a risk management strategy to protect business growth, brand and high-value data and systems, as well as improve processes that control liability by putting in place programs that help detect, deter and respond to breaches both internally and externally.
   


3. Sustaining an enterprise-wide program. The management of technology risks needs to be a board-level priority, where executives understand that well-established risk management practices need to be applied to security-related risks.
   


4. Optimizing for business performance. Aligning all aspects of technology risks with the business, including information/cyber security, privacy, and physical and business continuity/resiliency, will not only protect the bottom line, it will also generate cost efficiencies and improve performance.
   


5. Enabling business performance. Safeguarding against cyber breaches and protecting the organization’s critical assets should is rapidly emerging as a board fiduciary responsibility. When done well, the proposed enterprise-wide program can enable business performance through faster product launches, more effective customer communication and higher-quality information for decision-making.
   

<< Previous | Next >>

Technology risk management in a cyber world: a C-suite responsibility

Related content

• The evolving IT risk landscape: the why and how of IT risk management today
• Information security in a borderless world: time for a rethink
• Countering cyber attacks

Download

• Download Technology risk management in a cyber world: a C-suite responsibility as a printable document (431 KB PDF).

Contact us

• Bernie Wedge
  Americas ITRA Leader
  +1 404 817 5120
  
  
• Dan Casciano
  Americas IT Risk
  Management Leader
  +1 336 605 7801
  
  
• Jose Granado
  Americas Information
  Security Leader
  +1 713 750 8671

Feedback

• Rate this article
• Leave a comment