The number of cyberattacks where malware holds user data “hostage” is expected to grow in 2016 as hackers target more companies and advanced software is able to compromise more types of data.
Ask most corporate executives to define cybersecurity and their initial thoughts turn to data privacy. That’s for good reason. Companies are bleeding corporate trade secrets and personally identifiable information at such an alarming rate that confidentiality issues and related compliance concerns can’t help but dominate the cybersecurity agenda. Yet, ask cybersecurity professionals what keeps them up at night, and the topic invariably turns to data deletion, tampering with control systems, and the potential to cause physical harm over the Internet. These concerns fall into categories that are distinct from protecting data confidentiality. Instead, they demonstrate the importance of maintaining an enterprise focus on the integrity and availability of your company’s most essential data, systems and services.
Establishing command and control gives the power to professionals so they can properly assess the risks and determine which threats pose the greatest danger and must be considered a high security priority. Authority also requires that they identify potential threats that may be considered “acceptable risks” to the organization – meaning they are worth keeping an eye on, but don’t warrant a significant security investment.
