In a quickly evolving cyber landscape, organisations must achieve a state of information resilience to safeguard not only their data, but also their people, finances and reputation. That was the overriding message imparted at the inaugural BSI International Cyber Resilience Exchange.
The Exchange, which took place at The Convention Centre in Dublin and featured some of the world’s foremost cyber intelligence experts, gave an audience of Irish and international business leaders an opportunity to understand how to protect their organisations’ information against the constant threat of cyber attack.
Delegates heard that corporate Best Practice has moved beyond the ability to respond to security incidents to properly securing and protecting data assets in the first place. According to BSI, it’s the responsibility of organisations – and their senior executives – to ensure information systems are available and secure at all times.
“We live and work in a world that relies almost completely on digital information,” said Michael Bailey, director at BSI. “As we generate and store information to help us run our lives and businesses, cyber criminals are using ever-more sophisticated techniques to exploit that data for their own gain.”
Bailey continued: “Achieving a state of information resilience* doesn’t need to be complicated, but it does need to involve the entire business, from senior management right down to entry-level employees. Through testing, training, awareness and other information security-minded practices, organisations can ensure that they’re ready for the unexpected at all times.”
As the risk of data theft escalates – globally, cyber crime was the second most reported crime in 2016 – so the cost of securing information has also risen. In 2018, organisations worldwide spent €82 billion on information security products and services. By 2021, cyber crime damage costs are expected to reach the €5.1 trillion mark.
The cost of cyber crime was addressed by New York Times best-selling author and renowned cyber crime investigative journalist Brian Krebs, whose presentation centred on the cost of cyber crime.
“The reality is that data breaches are a daily occurrence,” Krebs told the audience. “Everywhere you look, there are companies building their business models around collecting data and almost everyone has a problem keeping that data confidential. Virtually all aspects of cyber security come down to economic decisions and that applies to both attackers and defenders. We need to explore how we can make cyber crime more expensive and less profitable for attackers, and less costly for organisations when they find themselves breached.”
Securing the future
Also part of the programme was a panel discussion exploring the topic of ‘Securing The Future’ and featuring Sian John MBE (chief security advisor at Microsoft) and Dr Jessica Barker, an expert in the human nature of cyber security. They were joined by Stephen O’Boyle (global head of professional services at BSI Cyber Security and Information Resilience) and Conor Hogan (senior manager for information governance at BSI Cyber Security and Information Resilience).
The discussion focused strongly on the importance of integrating cyber and information security within the core business operation rather than as an ‘add-on’ that’s seen as separate to the business.
The panel members agreed that data security is an essential contributor to an organisation’s wider productivity. In this sense, a greater emphasis on technology and security at Board level can accelerate the organisation’s journey towards information resilience.
The introduction of the European Union’s General Data Protection Regulation (GDPR) was cited as a good example of how Board engagement can spread awareness of critical security issues.
However, the panel members also agreed that regulators must come down hard on any non-compliance with the GDPR in order for the new privacy regulations to be embraced at all levels within organisations.
Almost 250 delegates attended the BSI’s International Cyber Resilience Exchange, with a large proportion of C-Suite executives including CEOs, CISOs and CTOs representing more than 30 different business sectors including aerospace, food, healthcare and construction.
The BSI’s Centre of Excellence for Cyber Security and Information Resilience is based in Sandyford, Dublin, where it manages and secures corporate information for BSI’s global clients. The company provides expertise to clients on the identification, protection, compliance and management of information assets through a combination of consultancy, technology, research and training.
The company’s highly qualified consultants’ experience and expertise covers the entire information governance landscape.
*Information resilience is a state wherein an organisation or its clients can access information securely and at exactly the moment they need it, with that information’s integrity assured regardless of the threats that exist at the present time