Hackers are working on new techniques to breach the security of organisations with the aim of causing damage, accessing sensitive data and stealing intellectual property, warns EY

Part of a technology risks series supported by


AIG

Cyber

Cyber risks are growing and changing rapidly. No longer only an IT department or security issue, cyber risk is now an enterprise-wide risk management issue.

“The advent of the digital world and the inherent connectivity of people, devices and organisations open up a new playing field of vulnerabilities,” says Mark brown, executive director of cyber security and resilience at EY.

“Every day, hackers are working on new techniques to breach the security of organisations with the aim of causing damage, accessing sensitive data and stealing intellectual property. In an on-going cycle, as old sources of cyber threat fade, new sources are increasingly emerging to take their place.”

Anticipating and preparing for a cyber attack are imperative components for organisations to stay ahead of cyber criminals.

“To get cyber security right, the first step is to activate available defences and get the foundations right,” says brown. “Such defences are not only technical software solutions but a mixture of governance, risk, compliance, people, process and technology, all of which should be aligned to business needs and strategies.”

The next stage is to adapt cyber security to be more dynamic, better aligned, and integrated into key business processes, formally embedding itself within the business. “Once these two aspects have been delivered comes the real opportunity: the chance to anticipate and get ahead of cyber crime,” says brown.

“In the meantime, the threat landscape is rapidly expanding, the power of cyber criminals is growing and organisations are still struggling with a number of roadblocks.”