Bridging the cyber-risk gap

The call for a united front

No organisation can afford to be complacent about cyber risk. The scale of the threat is sobering, and attacks are becoming more common and more sophisticated. The latest cyber-risk research from the European Union Agency for Network and Information Security (ENISA) identifies no fewer than 15 categories of threat [1], and warns that “cyber-threat agents are always a step ahead of the defenders” [2]. Our study is based on a survey of the views of senior managers in both IT and risk from more than 250 businesses across Europe, with annual revenues exceeding $500m. In this report, we identify the fundamental differences of opinion that departments within an organisation can have on cyber risk – and explore ways to resolve them.

A muddled response

Our findings vindicate the ENISA warnings. More than a quarter of our respondents have suffered a notable cyber incident or breach of information systems in the past 12 months alone.

Cyber risk has moved rapidly up the boardroom agenda, but there is little consensus on how to mitigate the threat. For many, the response is led by the IT function. For others, the risk function is expected to play the most prominent role.

Unanswered questions abound. Why? Often, it’s because IT professionals and their counterparts in risk have conflicting views about how to proceed. Is it better to assume that a breach is inevitable and to prioritise rapid response, or should the organisation focus on building ‘impregnable’ defences? Do defences in one area of the business need greater support than elsewhere? And what is the role of third parties such as insurers?

Collaboration is key

Resolving these questions calls for greater collaboration between IT, risk, the rest of the organisation and insurers. Firms that fail to reach consensus will create gaps in key areas of their cyber-risk management – and leave vulnerabilities that can be exploited.

In the battle against cyber criminals, a united front is crucial.
