As American companies conduct operational risk assessments, the potential for a cyber crisis must be at the top of the list.
In late January, at the World Economic Forum held in Davos, PriceWaterhouseCoopers educated world leaders about this growing problem, using in part a four-minute video that illustrates potential risks faced by organizations that don’t have a comprehensive response capability.
Typically, fueled by CEO’s who pride themselves in not being technologically savvy, organizations defer the cyber crisis concern to CIOs who focuses on technological protections. What the C-suite often fails to consider are the ramifications to the company reputation, the legal exposure, marketing channel impacts and shareholder losses that can result from inappropriately assessing this potential threat.
Complicating the lack of attention global businesses provide this imposing threat is a reality cyber criminals are vastly more adept and creative than the few organizations who do prepare. Reversing this reality will require equal portions of patience and human & fiscal resource commitments by senior management. Industry trade groups might help shorten the time-frame via a cyber threat identification framework that member organizations could adopt as the foundation for a company-specific strategy.
As the video shows, the villains of this daunting menace don’t wear ski masks, leather gloves or hold a flashlight in their mouth while cracking the company’s safe.