Newport Board Group has recently released a white paper that addresses an issue of importance to all organizations: mitigating the risk of cyber attack.
The new white paper by David Wilson, Newport’s New England Managing Director, and Marcus McInnis, Former Director of Operations for the Center for Cyber Security Innovation (CCSI) at Lockheed Martin, questions some commonly held assumptions and offers some perhaps surprising advice.
The white paper explains that, leaving state actors aside, the main motivation of today’s hackers is financial. CEOs and boards, including those of middle market and emerging growth companies, should worry about well-funded organized crime groups that have access to the latest cyber tools, the smartest hackers and the patience to take a long time horizon for breaking into your systems. The criminals can then “off-load” their spoils using readily available secondary markets. Do you think your company’s data or proprietary information doesn’t have sufficient value to interest a cybercriminal? Think again. These days even your company’s email listing has value on the global black market. Therefore, as the authors say: “it is not a question of whether your company will become a target-just when.”
The authors go on to explain that authorized users’ inadvertent actions are to blame for well over half of cyber breaches. Phishing and other “human factor” events not addressed by technical controls are a major problem. They argue that a full security framework goes well beyond firewalls and other technical tools. It requires awareness and training, from the top executive team to the front line work force.
The white paper is available on the Resources page of Newport Board Group’s web site.
