Cyber Security Risk Management Tips for Executives

Cyber incidents put your operations to a halt and it takes time and effort to remedy the situation. What are the main areas every executive should look for in cyber security risk management?

Author: Taija
Date: 03.04.2018
Read Time: 2 Minutes

Cyber risk is a relevant topic for every executive across all industries. World Economic Forum evaluated cyber-attacks as the 3rd most likely and 6th most impactful risk (Global Risks Report 2018). In his recent article, Marko Buuri, Principal Risk Management Consultant at F-Secure, summarizes the main areas every executive should look for in cyber security risk management.

 

Well thought-out risk stories are a sign of a good security risk culture

 

”As an executive, you should know that your company’s risk management processes have a better chance of being effective once you have produced verbose explanations of how cyber security risks are expected to actualize, who are the attackers, what are the weak spots, and how a successful breach would impact your business”, Buuri says.

 

Valuable security risk definitions read like stories. These stories end at business incidents, such as a breach of confidential information or a disruption in production. Each incident is then connected to specific forms of loss.

 

Can you quantify your cyber risk?

 

Cyber incidents put your operations to a halt and it takes time and effort to remedy the situation, which leads to losses. It makes a lot of sense to quantify the financial impact of cyber risk.

 

”After all, insurances and security improvements cost money, and comparing those estimates against a color-coded risk registry is like comparing apples to oranges. Only after proper identification of risks as stories, it becomes possible to take an analytical look at evaluating them” Marko Buuri explains in his article.

 

As an executive, you should expect that your company is applying proper financial evaluation methods to assess the most significant cyber security risk scenarios.

 

F-Secure’s Cyber Breach Impact Quantification service allows companies to accurately estimate different types of operational losses – no longer relying on guesstimates or ballpark figures.

 

cyber security risk management

 

This post is based on an article by Marko Buuri: What Every Executive Should Require from Cyber Security Risk Management


Post Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s