Fortify the Company
After leading your company to approach cyber risks in the context of well-understood business risks, you now need to ensure that it is prepared to address cyber risks on an ongoing basis. This requires a well-thought-out organizational structure and processes supported by a culture that promotes openness and communication.
The first thing your company needs to know is where to look for new cyber risks. The good news is that it doesn’t have to look far. Some new cyber risks have external origins, such as vulnerable commercial software. But nearly all the new cyber risks your company will face owe their origin to business-motivated changes that originate within your company. In order to capture these new risks, your company ...