Managing Risk Governance: People, Process, Technology

As the Internet of Things (IoT) continues to expand, new threats and intrusions continue to threaten cybersecurity. In 2018, the Ponemon Institute issued its 2018 State of Cyber Resilience report with 57% of the respondents saying that they believe it is taking longer to resolve an incident.

Everyone agrees that without a strong cyber risk governance framework, it is practically impossible for companies to keep up with all of the emerging threats and changes. Technology by itself cannot solve the problem, and past tools and protections are becoming ineffective. What’s needed in this complex situation is a better framework for managing these risks with a focus on people, process, and technology.

The people part of this framework has to be a focus on security. Security requires communication along with training and ongoing education. At the same time, it requires a complete understanding of how everyone, including senior executives, use, exchange, and manage documents and data.

The process is about oversight, rules, and regulations. A company must focus on appropriate risks since it is not feasible to throw unlimited money and resources at every threat. Each group should have the independence and flexibility so they can continue to work while addressing cyber risks.

The technology involves putting systems in place that do not interfere with the ability of employees to do their work without preventable burdens. This system will be used for detecting threats as well as enforcing the rules and procedures.

Not paying attention to any of these three factors could lead to gaps and breakdowns. It is necessary to balance people, process, and technology to create a framework that fully supports cybersecurity.

Source: click here.