BSI urges businesses to achieve state of information resilience as cyber risk heightens

In a quickly evolving cyber landscape, organisations must achieve a state of information resilience to safeguard not only their data, but also their people, finances and reputation. That was the overriding message imparted at the inaugural BSI International Cyber Resilience Exchange.

The Exchange, which took place at The Convention Centre in Dublin and featured some of the world’s foremost cyber intelligence experts, gave an audience of Irish and international business leaders an opportunity to understand how to protect their organisations’ information against the constant threat of cyber attack.

Delegates heard that corporate Best Practice has moved beyond the ability to respond to security incidents to properly securing and protecting data assets in the first place. According to BSI, it’s the responsibility of organisations – and their senior executives – to ensure information systems are available and secure at all times.

“We live and work in a world that relies almost completely on digital information,” said Michael Bailey, director at BSI. “As we generate and store information to help us run our lives and businesses, cyber criminals are using ever-more sophisticated techniques to exploit that data for their own gain.”

Bailey continued: “Achieving a state of information resilience* doesn’t need to be complicated, but it does need to involve the entire business, from senior management right down to entry-level employees. Through testing, training, awareness and other information security-minded practices, organisations can ensure that they’re ready for the unexpected at all times.”

As the risk of data theft escalates – globally, cyber crime was the second most reported crime in 2016 – so the cost of securing information has also risen. In 2018, organisations worldwide spent €82 billion on information security products and services. By 2021, cyber crime damage costs are expected to reach the €5.1 trillion mark.

The cost of cyber crime was addressed by New York Times best-selling author and renowned cyber crime investigative journalist Brian Krebs, whose presentation centred on the cost of cyber crime.

“The reality is that data breaches are a daily occurrence,” Krebs told the audience. “Everywhere you look, there are companies building their business models around collecting data and almost everyone has a problem keeping that data confidential. Virtually all aspects of cyber security come down to economic decisions and that applies to both attackers and defenders. We need to explore how we can make cyber crime more expensive and less profitable for attackers, and less costly for organisations when they find themselves breached.”

Securing the future

Also part of the programme was a panel discussion exploring the topic of ‘Securing The Future’ and featuring Sian John MBE (chief security advisor at Microsoft) and Dr Jessica Barker, an expert in the human nature of cyber security. They were joined by Stephen O’Boyle (global head of professional services at BSI Cyber Security and Information Resilience) and Conor Hogan (senior manager for information governance at BSI Cyber Security and Information Resilience).

The discussion focused strongly on the importance of integrating cyber and information security within the core business operation rather than as an ‘add-on’ that’s seen as separate to the business.

The panel members agreed that data security is an essential contributor to an organisation’s wider productivity. In this sense, a greater emphasis on technology and security at Board level can accelerate the organisation’s journey towards information resilience.

The introduction of the European Union’s General Data Protection Regulation (GDPR) was cited as a good example of how Board engagement can spread awareness of critical security issues.

However, the panel members also agreed that regulators must come down hard on any non-compliance with the GDPR in order for the new privacy regulations to be embraced at all levels within organisations.

Almost 250 delegates attended the BSI’s International Cyber Resilience Exchange, with a large proportion of C-Suite executives including CEOs, CISOs and CTOs representing more than 30 different business sectors including aerospace, food, healthcare and construction.

The BSI’s Centre of Excellence for Cyber Security and Information Resilience is based in Sandyford, Dublin, where it manages and secures corporate information for BSI’s global clients. The company provides expertise to clients on the identification, protection, compliance and management of information assets through a combination of consultancy, technology, research and training.

The company’s highly qualified consultants’ experience and expertise covers the entire information governance landscape.

*Information resilience is a state wherein an organisation or its clients can access information securely and at exactly the moment they need it, with that information’s integrity assured regardless of the threats that exist at the present time

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts