This article has some great points and ones that need to be strongly considered. Jason Wilk is right on the money when we says that organisations who are wilfully negligent about securing their data, will be in the firing line. This includes boards and management who rely solely on their IT people to give them comfort that all is well when clearly it is not. Even if your IT security is robust, it is only one part of the puzzle in securing your data.
Cyber security is not an IT risk, it is a BUSINESS risk and must be treated in an holistic way (IT, people, business, insurance etc). It is understandable that boards and management don’t understand cyber threats, even those of us who are in the industry struggle at the complexity and pace of emerging threats and the changing landscape.
CIS and Crimson Risk provides solutions to boards and senior management to help raise their awareness of cyber, and with the support of a partnership of cyber specialists (education, legal, technical, insurance, assessment and monitoring), provide a single point of entry for all their cyber requirements.
This is all spearheaded by NIST based holistic AI/Machine learning Cyber assessment which will help organisations to focus and prioritise their cyber defence program.