EconomyAny company is vulnerable to a cyber attack

Any company is vulnerable to a cyber attack

(Expansion) – Derived from the COVID-19 pandemic, cybersecurity has become a critical success factor and not just a discipline in the corporate world. According to the latest EY Global Information Security Survey, only 18% of companies consider that information security influences their strategic planning on a regular basis and for 55% it influences little or nothing in their corporate strategy .

It should be noted that cyber risk management is one of the pillars of risk management discipline today. A properly implemented strategy of this type has a significant economic impact on the company’s revenue.

However, it is observed that currently many companies do not have a true representation of their cyber risk profile. And, when they do, it’s not structured in an easily digestible way for top brass. This hinders the decision-making process by the Board of Directors and permanently exposes the company’s information, which could easily be compromised in a cyberattack.

An advantage of having a risk management strategy is that it adds value in monetary terms to the potential impacts, which allows the company to make better decisions more quickly. However, currently, only 32% of CISOs use the space with the Board of Directors to discuss forward-looking issues, related to cyber risk management and drive change.

Some of the most relevant challenges that organizations currently face in the digital plane are the high dependence on information technology, which is increasingly used to support business operations (especially in the field of information technology). financial), as well as the use of emerging technologies (eg: cloud computing, blockchain , artificial intelligence), which increase the risks to which organizations are exposed.

In this context, it is important that, for a proper cyber risk management strategy, the organization first identifies what its information assets are, that is, those that have value for the organization in relation to its customers, employees, products and services. For example, in the case of a bank, it would be credit cards and their ATM channels (automated teller machines), to say the least; which could be violated by a cyber attacker if they are not properly protected.

After knowing the different information assets of the company, a fundamental aspect is to identify their vulnerabilities or weaknesses, which are present in the technological components that support said information assets, for example: databases, servers and networks where company data is supported.

In the ideal world of risk management, the idea is that every company is clear about its information assets. These are based on a large number of technological elements, which are permanently exposed to constant threats and vulnerabilities that translate into risk scenarios.

If these vulnerabilities are not properly addressed, the economic impacts for the organization can be significant, as well as reputational; the latter can be translated into a loss of trust on the part of customers or consumers towards the organization.

Editor’s Note: Juan Fernández is a cybersecurity partner for Financial Services at EY Mexico. Follow him on. The opinions published in this column belong exclusively to the author.

Go from a traditional CV to a digital and comprehensive one

The reality is that a person's CV on paper does not accurately reflect whether that person is suitable for a job, says Guillermo Elizondo.

Inequality as a pending subject

The latent inequalities around the world are presented as one of the debts that we have as a human species, if we aspire to create a future of justice and authentic peace.

ESG and the FOMO effect. The challenge of communicating to the new generations

When thinking about ESG as one of the central pillars in the communication strategy, it becomes essential to carry out a deeper analysis of what it implies, points out Luis Ruiz.

#LaEstampa | Blows to democracy in Mexico and the US

It is evident that there is much to improve in Mexican democracy. But the solution is not the sinister dismantling of the INE.

Prime Day does not save Amazon and reports only 15% growth

The big tech companies are disappointing shareholders and Wall Street's response is to stop betting on them.

More