Does Your Company Have a Cyber Security Strategy?
In an increasingly interconnected world there is a corresponding increase in the vulnerability of information systems to attack. We have moved from the hacking of email accounts and cloning of credit cards to a situation where entire industrial processes have been taken over by malware.
The reliance placed on information systems, both for the storage and transmission of data, is making data security breaches all the more damaging to organisations. It has never been clearer that companies and organisations need to have data security policies in place and good information governance.
There are a number of key questions for the board and executive management to consider in relation to cyber security:
- Where does cyber security fit within the company’s governance framework?
- Does the company have a cyber security strategy?
- Do all personnel understand that there is a cyber security strategy and their role in implementing it?
- Is the strategy understood and led from the top?
- Has the company’s cyber security strategy been tested as part of business continuity?
- Has the company experienced any cyber security breaches in the past and what measures have been put in place as a result to protect against future breaches?
- Do third parties pose any threat to the company’s cyber security?
- How might a breach impact on the company’s reputation and what is the role of the board within that?