“We know that breaches are getting bigger,” says Ken Allan, (former) EY Global Cybersecurity Advisory Leader. “The impact of a breach five years ago to now is much bigger as we go more digital.”
Take a step back and consider the decision-making landscape. Every conference table is a carousel of competing priorities, and managers look for results to capture and fires to extinguish. The urgency of cybersecurity precautions and protocols can be lost in this environment. If the servers aren’t smoking, where’s the fire?
That may be the most dangerous mindset of all. Allan contends that every organization has been hacked in some way, but many don’t know it yet, let alone the severity of the breach. He urges all boards to adopt Active Defense principles that help protect business interests and he seeks to reframe the incentives to care.
“A large component of new wealth is being added by the rush into digital,” Allan says. “Without digital trust, people will not embrace these changes. We need to think of cybersecurity as a business enabler.”
According to a 2014 Goldman Sachs forecast, US consumers will spend $626 billion via mobile by 2018, and the Gartner Group estimates that 85% of business relationships will be managed without human interaction by 2020. All organizations must take notice, because all hackers certainly are.
Just ask retailers who thought cybersecurity was only important for banks. Likewise media companies. The stakes are higher than ever as everything from consumer cars to key oil and gas assets come online. The internet of things and other digital integrations heighten capabilities but also deepen potential vulnerabilities.