
Top stories






More news









Marketing & Media
Chicken Licken bravely debones a rare phobia with their latest campaign
Joe Public 2 days








A number of traditional risks now play second fiddle to cyber risk. Skill shortages, regulatory changes and global political uncertainty are all serious factors, yet cyber risk routinely appears above them.
Why is that? Cyber elements are now crucial to modern business practices. But misunderstandings about cyber leading to much more uncertainty.You cannot operate a business today without a smartphone. Nor can your employees, plus there is an indefatigable desire from customers for mobile services.
This concentration on mobile services alone shows how prominent cyber has become in business corridors. It’s hardly the only example. Hence why, despite attempts to downplay its significance, cyber risk nonetheless bubbles to the top. The elephant in the room that is becoming noticed because it’s taken up all the space.
So the time has come for companies to have a more sober and encompassing appreciation of cyber risk, starting with what cyber risk is:
Cyber risk is often defined as a security topic, which can then be conveniently mandated to IT or technology leaders in a business. There has been progress in terms of boards and CEOs realising they should take closer responsibility for the risk, but that still often happens under the security assumption. The impact of cyber as a risk is much, much wider.Cyber risks often arise due to the following factors:
How can a business track these risks? They should identify the factors that cause them, then collate data from the different departments involved. For example, is HR satisfied that offboarding processes cover the risk of company data leaving on a former employee’s device?
Gathering that data would normally be very difficult, but modern service platforms such as Riskonnect have been built to address such specific needs. Risk is about measuring input and impact, then using that information to mitigate and improve. Gathering that information is a lot simpler if you use GRC integration platforms. These let different employees and departments input metrics in the way they capture them.
The service then balances that information in formats that risk managers want to see. Since these are service platforms, they are very simple and cost-effective to deploy in a company, no matter the footprint. You can start small, focusing on acute areas, and expand as the service proves its worth.Cyber risk isn’t only about security. It’s a broadside on business operations and ambitions.
Traditional risk assessment approaches are not equipped to handle that and the conversation is often kept narrow and technology-focused. But by looking at the above factors, combined with an integrated GRC management platform, risk managers can define cyber risk in a much better way.