Resources

Resources

Return to Resources



Ignoring Cyber Vulnerabilities - A Risk Your Company Can't Afford

April 30, 2019

As business leaders, we understand that our enterprise must evolve in many ways in order to keep expanding profitably. Whether that's aligning with the current corporate culture expectations of our employees - who doesn't want to bring their dog to work? - or restructuring the organization, change is necessary. No change has been more revolutionary to the way we conduct business than the digital era.

While the benefits of technology are extraordinary, companies are also faced with constantly-evolving challenges while conducting business in a virtually-connected world. In order to stay on top of their market, it is critical that organizations take cybersecurity seriously and attract and hire the right talent to understand and respond to the ever-changing cyber landscape.

Cyber Threats are a Business Reality

Cyber threats are a moving target and part of operating a modern business. It is no longer a matter of if your company will be attacked, but when. As cyber attacks become more sophisticated, the number of individuals impacted is increasing and the financial loss to businesses is rising. The financial impact of a data breach for a company can be devastating to the bottom line and the brand. Large businesses in the U.S. lose an average of $1.05 million to cybercrimes each year.

According to the 2018 Thales Data Threat Report, 46% of U.S. firms polled reported a data breach in the last year, doubling the previous year's total. The biggest contributor to a cyber attack's success is a company's own employee negligence in two-thirds of the incidents. While executives may be starting to understand that cyber threats are here to stay, 73% of firms fail cybersecurity readiness tests. One of the ways a company can best protect itself in this market is to ensure their cyber staff is certified, knowledgeable, and trained to identify and respond to cyber threats immediately. Cyber breaches are a fundamental business risk impacting revenue, profitability, and stockholder value.

Cybersecurity is No Longer an IT Problem - it's a Board Problem

It seems that executives are starting to understand that cybersecurity is a major risk to the organization that must be addressed at the corporate level, not in the IT department. Highly publicized data breaches by highly visible businesses and government agencies are contributing to awareness of catastrophic impacts of cyber incidents. Another driver for corporations taking a more systemic approach to cybersecurity is the detailed guidance from the Securities and Exchange Commission (SEC), related to how cyber incidents are reported and ongoing cyber risk management.

However, a disconnect remains between executive awareness and how cybersecurity is being managed organizationally. PwC's 2018 Annual Corporate Directors Survey reports that 84% polled say they have discussed management's response to a cyber crisis, but less than half actually have a plan. 82% feel cyber threats are no longer an IT issue, but strategically important for their companies. Yet only 12% report having a separate cyber risk committee.

High ROI of a Certified Workforce

Mitigating cyber risk isn't just avoiding an embarrassing data breach. A sound cyber strategy includes hiring the right team of cybersecurity practitioners who are able to defend the enterprise from day one. Organizations such as Amazon, Allstate, Discover, Lockheed Martin, and Siemens AG all have something in common. When hiring cybersecurity experts, they look for applicants that hold Global Information Assurance Certification (GIAC) certifications. Organizations who are actively recruiting talent with GIAC certifications, and providing their existing cyber teams with opportunities to obtain these highly-specialized certifications, indicates that the company is taking growing cyber threats seriously and is better prepared to respond and protect assets. Hiring and retaining experts with specialized knowledge and certifications is the surest way to position the company against evolving cyber risks.

Don't risk being the next victim of a publicized data breach. Recruit the right cybersecurity professionals with job descriptions that match the role you need filled. With GIAC, assemble your team of InfoSec professionals so that your enterprise is prepared to mitigate cyber risk and prevent financial loss through an attack.

View Expert-Vetted Job Descriptions: https://www.giac.org/programs/job-descriptions

Return to Resources